Forum Discussion
Fredrik_Lindgre
Nimbostratus
NimbostratusStrange behavior by LB::select
Hello,
I have a specific problem that I'm trying to solve. I need to send UDP traffic to specific pools and ports based on source IP. I have written a small iRule that should work for this but I'm having problems with LB::select. Specifically it's not returning anything at all when the VIP is using an UDP profile. If I switch it to TCP it works as described on the Wiki.
Also, when using TCP and LB::select returns the expected data, "eval"-ing it does not work. It does not change the port as expected.
This is the code:
when CLIENT_ACCEPTED {
log local0. "Radius query from [IP::client_addr]"
switch [IP::client_addr] {
"10.1.1.1" {
set pool_selection "pool-00"
set port_selection "5001"
}
"10.1.1.2" {
set pool_selection "pool-01"
set port_selection "5004"
}
default {
not known source, drop packet.
log local0. "Unknown source, dropping..."
drop
}
}
log local0. "Will try for pool $pool_selection and port $port_selection"
pool $pool_selection
set selection [LB::select]
set final_selection [lreplace $selection 4 4 $port_selection]
log local0. "LB-select output: $selection -> $final_selection"
eval $final_selection
}
And this is the output, first with UDP:
May 15 20:16:25 tmm tmm[1135]: Rule test-irule1 : Radius query from 10.1.1.2
May 15 20:16:25 tmm tmm[1135]: Rule test-irule1 : Will try for pool pool-01 and port 5004
May 15 20:16:25 tmm tmm[1135]: Rule test-irule1 : LB-select output: -> 5004
May 15 20:16:25 tmm tmm[1135]: 01220001:3: TCL error: Rule test-irule1 - invalid command name "5004" while executing "5004" ("eval" body line 1) invoked from within "eval $final_selection"
and with TCP:
May 15 20:15:36 tmm tmm[1135]: Rule test-irule1 : Radius query from 10.1.1.2
May 15 20:15:36 tmm tmm[1135]: Rule test-irule1 : Will try for pool pool-01 and port 5004
May 15 20:15:36 tmm tmm[1135]: Rule test-irule1 : LB-select output: pool pool-01 member 192.168.1.10 0 -> pool pool-01 member 192.168.1.10 5004
May 15 20:15:36 tmm tmm[1135]: Rule test-irule1 : in LB_SELECTED
May 15 20:15:36 tmm tmm[1135]: Rule test-irule1 : pool: pool-01
May 15 20:15:36 tmm tmm[1135]: Rule test-irule1 : addr: 192.168.1.10
May 15 20:15:36 tmm tmm[1135]: Rule test-irule1 : port: 0
As you can see it's dosen't quite work in the TCP-case either, it ignores the port that is quite clearly present in the pool-command that is evaluated.
Any ideas what could be going on? I'm mostly interested in the UDP case since that what I need to get working. The TCP-one was just for troubleshooting.
Regards,
Fredrik Lindgren
What_Lies_Bene1Cirrostratus
Hmmm. The rule seems overly complicated. Why not just use the pool command with the desired parameters and be done instead of using LB::select and eval etc.
nitassEmployee
I'm having problems with LB::select. Specifically it's not returning anything at all when the VIP is using an UDP profile.i came across this issue as well a week ago. i already opened case with support and it seems to be a bug but i am waiting for confirmation and the bug id (if it is).
Also, when using TCP and LB::select returns the expected data, "eval"-ing it does not work. It does not change the port as expected.have you tried to globally disable cmp?- nitassi came across this issue as well a week ago. i already opened case with support and it seems to be a bug but i am waiting for confirmation and the bug id (if it is). bug 421708 is created. it is not fixed yet.
Bug 421708 - LB::select on UDP or fastL4 connection may return empty data