Supporting RTSP-UDP

Question

Hi,
I'm relatively new to F5 so please bare with me.
My company is using F5's BIGIP v12.1.1
My organization is attempting to support RTSP protocol via F5.
RTSP works much like FTP where there is a control and data channel - the control channel negotiates the UDP session params (ips, ports, etc.) and data is transferred over UDP.
Now I've tried applying the RTSP profile on the relevant VS (the naive solution) which did not work.
Then I proceeded to writing an iRule which reads the negotiation information into variables and attempts to open a sub-session using relate_server function - seems to be a problem with relate_server:
when SERVER_CONNECTED {
log "rtsp: Test_iRule2 connection from [IP::client_addr]:[TCP::client_port]. \

Mapped [serverside {IP::local_addr}]:[serverside {TCP::local_port}] \
-&gt; [IP::server_addr]:[serverside {TCP::remote_port}]"
  }
when RTSP_RESPONSE {
    set mark "mark1"
    log local0. "$mark: received RTSP request"
if { [RTSP::header value "Transport"] ne "" &amp;&amp; [RTSP::header value "Transport"] contains "server_port" } {
    set transport [string tolower [RTSP::header value "Transport"]]
    log local0. "$mark: 0.1 $transport"

set ::client_addr [IP::client_addr]
    set ::server_addr [IP::server_addr]
    set ::snat_addr [IP::local_addr]
    set ::client_port [findstr $transport "client_port=" 12 ";"] 
    set ::server_port [findstr $transport "server_port=" 12 ";"]

set fields [split $::client_port "-"]
    log local0. "$mark:client_list: $fields"

foreach field $fields {
        log local0. "$mark: client field list returned $field"
    }

set ::client_port1 [lindex $fields 0]
    set ::client_port2 [lindex $fields 1]

log local0. "$mark: client_port1: $::client_port1 client_port2: $::client_port2"

set fields [split $::server_port "-"]
    log local0. "$mark:server_list: $fields"

foreach field $fields {
        log local0. "$mark: server field list returned $field"
    }

set ::server_port1 [lindex $fields 0]
    set ::server_port2 [lindex $fields 1]

log local0. "$mark: server_port1: $::server_port1 server_port2: $::server_port2"

log local0. "$mark: $::snat_addr $::server_addr $::client_addr 
    $::client_port $::server_port"

log local0. "client_addr $::client_addr client_port1 $::client_port1 server_addr $::server_addr server_port1 $::server_port1 "

relate_server {
          proto 17

clientflow ExternalL310Gb $::server_addr $::server_port1 $::server_addr $::server_port1
          serverflow FrontAPI       $::snat_addr $::client_port1 $::server_addr $::server_port1

}

relate_server {
          proto 17

clientflow ExternalL310Gb $::server_addr $::server_port2 $::server_addr $::server_port2
          serverflow FrontAPI       $::snat_addr $::client_port2 $::server_addr $::server_port2

}

unset ::client_port1
    unset ::client_port2
    unset ::server_port1
    unset ::server_port2
    unset ::client_addr
    unset ::server_addr
    unset ::snat_addr
    unset ::client_port
    unset ::server_port
    unset transport
    unset mark

}

liraz_311383 · Answer

More information:&nbsp;
Here's the log output:&nbsp;
Jun  8 10:43:42 slot1/pa-lb4 info tmm[4687]: Rule /Common/liraz-test-irule : mark1: received RTSP request
Jun  8 10:43:42 slot1/pa-lb4 info tmm[4687]: Rule /Common/liraz-test-irule : mark1: 0.1 rtp/avp/udp;unicast;client_port=50560-50561;mode=record;source=64.215.193.200;server_port=6988-6989
Jun  8 10:43:42 slot1/pa-lb4 info tmm[4687]: Rule /Common/liraz-test-irule : mark1:client_list: 50560 50561
Jun  8 10:43:42 slot1/pa-lb4 info tmm[4687]: Rule /Common/liraz-test-irule : mark1: client field list returned 50560
Jun  8 10:43:42 slot1/pa-lb4 info tmm[4687]: Rule /Common/liraz-test-irule : mark1: client field list returned 50561
Jun  8 10:43:42 slot1/pa-lb4 info tmm[4687]: Rule /Common/liraz-test-irule : mark1: client_port1: 50560 client_port2: 50561
Jun  8 10:43:42 slot1/pa-lb4 info tmm[4687]: Rule /Common/liraz-test-irule : mark1:server_list: 6988 6989
Jun  8 10:43:42 slot1/pa-lb4 info tmm[4687]: Rule /Common/liraz-test-irule : mark1: server field list returned 6988
Jun  8 10:43:42 slot1/pa-lb4 info tmm[4687]: Rule /Common/liraz-test-irule : mark1: server field list returned 6989
Jun  8 10:43:42 slot1/pa-lb4 info tmm[4687]: Rule /Common/liraz-test-irule : mark1: server_port1: 6988 server_port2: 6989
Jun  8 10:43:42 slot1/pa-lb4 info tmm[4687]: Rule /Common/liraz-test-irule : mark1: 64.215.193.200 192.168.11.141 62.0.105.133          50560-50561 6988-6989
Jun  8 10:43:42 slot1/pa-lb4 info tmm[4687]: Rule /Common/liraz-test-irule : mark1: received RTSP request
Jun  8 10:43:53 slot1/pa-lb4 info tmm[4687]: Rule /Common/liraz-test-irule : mark1: received RTSP request&nbsp;
Can't seem to crack this one.
Once this failed, I tried creating a VS to catch all UDP traffic against that ip and forward it to the server as is (no source translation), while another VS handles all tcp 554 traffic to this server (RTSP control channel)&nbsp;

Forum Discussion

Supporting RTSP-UDP

1 Reply

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

Support and Help for DevCentral and Offline Contact

Securing Applications using mTLS Supported by F5 Distributed Cloud

Cipher Suites Supported (12.1.5.3)

APM Configuration to Support Duo MFA using iRule

Support of WAF Signature Staging in F5 Distributed Cloud (XC)