Forum Discussion
Chris_Day_10331
Nimbostratus
NimbostratusTerminal Services Persistence + iRules
Good morning from Vancouver, BC!
One of our customers in Edmonton is using BIG-IP for the primary purpose of load balancing terminal services (RDP) connections. They have a requirement that should a user get disconnected, the BIG-IP is able to determine and redirect the re-connecting client back to "their" terminal server. It has been working OK without session directory (which, in my mind, is too much of a nuissance since a Windows cluster must exist between all pool members). Essentially, without session directory BIG-IP is able to read the "on connect" username (as specified, for example, in the MS RDP client's "User name:" field). The question below explains the symptoms encountered by the client:
Were presently using the BigIP persistence to the TS servers without session directory. This is working fine unless a user types DKnox the first time which sets a persistence value of DKnox. After a disconnect they decide to enter only dknox, The BigIP thinks its a different user and connects them do a different server. Is there a way to make this not case sensitive?
I was wondering if it might be possible to use an iRule to strtolower() the "on connect" (sorry for the lack of terminology here) username to avoid this problem? Any ideas?
Thanks in advance for reading.
Cheers,
Chris Day
9 Replies
- JRahm
Admin
OK, how do you post links correctly?? - JRahmYou'll want less than that, it is optimized for using session directory. In your case, you just want to find the string mstshash=........, run string tolower against it, and then persist on that value, correct? Let me spend a few minutes altering this and I'll send a guess back your way.
Chris_Day_10331You appear to be "the man". Yes, that is correct we are not running session directory.
Thanks again.- JRahmI'm just one of many messengers of the great work that the developers do here at DevCentral. Most of my contributions are rehashed from their posts. Try this:
when CLIENT_ACCEPTED { TCP::collect } when CLIENT_DATA { TCP::collect 25 binary scan [TCP::payload] x11a* msrdp if { [string equal -nocase -length 12 $msrdp "cookie: msts"] } { set msrdp [string range $msrdp 12 end] set len [string first "\n" $msrdp] if { $len == -1 } { Didnt get whole cookie collect more TCP::collect return } if { $msrdp starts_with "hash=" } { No session directory - username used instead if { $len > 5 } { incr len -1 set record [string tolower [string range $msrdp 5 $len] ] log "adding persistence record - $record" persist uie $record 1801 adjust your timeout (in seconds) } else { log "No username - not persisting" } } } else { log "Cookie not found" } TCP::release } - Posted By citizen_elah on 12/09/2005 7:45 AM
OK, how do you post links correctly??
Surround the url with "url", and "/url" surrounded by brackets. We've disabled HTML inputs to avoid cross-site scripting exploits. This will result in a "Click Here" link to be created (I know it's lame to not have the URI as the description but the internal parsing implementation just does string replacements and I've been a bit to lazy to try to fix it.
Here's how I do my links
[ quote ]http://www.foo.com
[ url ]http://www.foo.com[ /url ][ /quote ]
Just remove the spaces in the brackets and you should be set.
I'll look at adding an smilie link on the right in the editor to add the url tags like I have for code, quotes, bold, and italic.
-Joe - No, thanks go to you! It's users like you that really make this community "work".
-Joe - JRahm
- JRahmYeah, you'd think that I'd have figured this out a year or so ago. I am an application idiot.
