Chris_Day_10331
Jun 08, 2006

Raw TCP Insert

Guys,

I am working with a new potential client for F5 who has a requirement where they want to insert:

$client_ip:

..at the start of the data payload portion of the TCP request sent to the server, before the rest of the data. The TCP data sent to the client is a long-lived stream (like Citrix) which may be open for hours or even days.

The incoming port, while not important, is 7900 - it is not HTTP but rather a custom sockets-based application. This will be phased out in future versions of the code, as we are now able to provide the client IP natively (i.e. the SRC IP TCP header will now be valid where currently it is presented as the SrcIp of the (legacy) load balancer).

I found "TCP::payload replace" but wouldn't know enough on how to use it! In human code, I guess it would look like this:

1) Take the original TCP data and prepend "$client_ip:" to it (Client IP address + semicolon)

2) Send the rest of the data as is to the server and change nothing further

Is this a simple iRule? Can someone help me craft it?

Time is somewhat of the essence because this is a sales situation and this is the last remaining piece of the puzzle. On a good note, I keep getting smarter every time I post a question and someone answers - maybe someday I won't have to ask... probably not. Thanks guys!

Chris
  • Guys,

    This seems to work:

    rule my_tcp_insert {
        when SERVER_CONNECTED {
            TCP::collect 1
            # Two inserts at offset 0: ";" first, then the client IP in front of it
            TCP::payload replace 0 0 ";"
            TCP::payload replace 0 0 [clientside {IP::remote_addr}]
        }
    }

    Any optimizations you can suggest?

    Chris
  • Colin_Walker_12
    Historic F5 Account
    Something like this, I'd wager:

    
    TCP::payload replace 0 0 "[clientside {IP::remote_addr} ];"

    You may have to play with the spacing, but that's the general idea.

    Colin
  • Thank you! Now we found a bit of a problem...

    The issue is that we are terminating this connection via SSL at the BIG-IP via client SSL profile. We want to find the EVENT that allows us to replace this TCP data portion only between the BIG-IP and the unencrypted node. CLIENT_ACCEPTED/CLIENT_DATA doesn't work at all, presumably because the BIG-IP is messing with encrypted data -- SERVER_CONNECTED/SERVER_DATA does not seem to be the right event because this data is inserted TO the client instead of TO the server.

    Does anyone know what we are doing wrong?
  • bl0ndie_127134
    Historic F5 Account
    How about something like this.

    
        when SERVER_CONNECTED {
           TCP::respond "[clientside {IP::remote_addr}];"
        }
  • Hi Chris,

    I am having the same problem. One of my clients wants to load balance a protective monitoring application based on google buffer and wants to keep the original source IP address. They don't want the TCP option header to be used and just want to relay the traffic. I tried the following iRule with a standard TCP profile in a test environment for a standard HTTP-based application and it doesn't work.

        when SERVER_CONNECTED {
           TCP::respond "[clientside {IP::remote_addr}];"
        }

    Any help would be appreciated.

    Thanks,
    Syed
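
An added example, not part of the original thread and not F5 or the posters' code: a Python parser for the receiving server's side of the `client_ip;` prefix that the iRules in this thread insert. It copes with a prefix split across reads on the long-lived stream and accepts the prefix only from the load balancer. The class name, the `TRUSTED_LB` address and the length cap are assumptions for illustration.

```python
import ipaddress

# Assumption: longest textual IPv6 address is 45 chars, plus the ";" separator.
MAX_PREFIX = 46
# Constructed value: the BIG-IP self-IP the server sees as the TCP peer.
TRUSTED_LB = {ipaddress.ip_address("10.0.0.5")}


class PrefixError(ValueError):
    """Raised when the client-IP prefix is missing, malformed or untrusted."""


class ClientIpPrefix:
    """Incremental parser: call feed() with each chunk returned by recv()."""

    def __init__(self, peer_ip):
        # Only the load balancer may assert a client address. A host that
        # connects directly could place any address it likes in the prefix.
        if ipaddress.ip_address(peer_ip) not in TRUSTED_LB:
            raise PrefixError("prefix not accepted from %s" % peer_ip)
        self._buf = b""
        self.client_ip = None

    def feed(self, chunk):
        """Return application bytes; b"" while the prefix is still incomplete."""
        if self.client_ip is not None:
            return chunk                      # prefix consumed, pass data through
        self._buf += chunk
        head, sep, rest = self._buf.partition(b";")
        if not sep:
            # Bound the buffer so a peer cannot stall us with an endless prefix.
            if len(self._buf) >= MAX_PREFIX:
                raise PrefixError("no ';' within %d bytes" % MAX_PREFIX)
            return b""
        try:
            self.client_ip = ipaddress.ip_address(head.decode("ascii"))
        except (UnicodeDecodeError, ValueError):
            raise PrefixError("malformed client address") from None
        self._buf = b""
        return rest                           # later ";" bytes are application data
```
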