UDP TCP Packet Duplication
Problem this snippet solves:
This iApp provides full configuration of UDP/TCP packet duplication. It is commonly used to duplicate syslog, SNMP trap, NetFlow, and sFlow data streams to multiple vendor solutions or customers. It also provides fault tolerance capabilities within each duplicated destination. By pointing network devices, appliances, and servers at a VIP that distributes network management traffic, you can modify the distribution of streams in one centralized location. UDP packets retain the original source address when sent to the destination locations.
Notes:
- Prior to 11.5 you must add an IPv6 address to any interface to allow HSL traffic to be sent to the distribution virtual; fdf5::1/64 and fdf5::2/64 for an HA pair would do it.
- TCP traffic does not maintain the original source.
- Internal F5 Resources can demo this solution within the UDF environment using the blueprint named "Traffic Duplication Demo"
Contributed by: Ken Bocchino
20200807 - Updated to v2.2
How to use this snippet:
- Sp33dy_156082Nimbostratus
Hi,
I'm also using this duplicator and it works fine. The only thing is that it uses source port 0 for traffic sent to the 2 destinations. According to RFC, firewalls don't allow this traffic with source port 0. Do you guys have the same issue or am I doing something wrong?
Please let me know.
Thx.
- MauzAltostratus
Does this iApp work if the clone is in a different subnet from the LTM's subnet?
- MauzAltostratus
Does this iApp work if the clone pool member is in a different subnet from the LTM's subnet?
- Sp33dy_156082Nimbostratus
I have it working to two different IPs in different subnets. Just make sure your routing is ok.
- edolton_204031Nimbostratus
@Sp33dy
I see the same thing with the source port being 0. It's an issue for me since they want the backend servers to ACK the traffic. Let me know if you found a solution.
- Sp33dy_156082Nimbostratus
@edolton
I fixed this by stripping off the restriction from the iApp and changing the source port to preserve on the virtual server (both the virtual servers created by the iApp). Now everything works fine!
Regards,
Maarten
- edolton_204031Nimbostratus
Thanks! I made the same change. It doesn't seem to keep the original source but increments a non-zero port: 9011, then 9012, then 9013, etc. I'll see if this works for me. Thanks!
- kdt0078Nimbostratus
Having an issue with this iAPP on 11.6.1. It looks like it creates two virtual servers xxx_distribute and xxx_udp. Looks like the destination address on the xxx_distribute is a dummy ipv6 address and the xxx_udp virtual server is not forwarding traffic.
Has this been plug-n-play for those of you who have it working?
- Jacob_Creech_33Nimbostratus
I am wanting to use this IApp as well and would like to know if there is some documentation on this to explain the setup process a little more.
Currently, I have UDP traffic coming in on 7 different ports to a server. When these packets are successfully written to a database table the service will send an ACK back to the device. So I would like to use this iApp to keep current traffic going to my production environment as well as duplicate this traffic to a QA server but not allowing the ACK to be sent back from the QA server. Will this be possible with this iApp?
- Jacob_Creech_33Nimbostratus
I finally got this iApp working. FYI, I had to remove tags from the VLANs. If I used tags it would not replicate the traffic; once I removed them it started working.
Now I have a new issue: I am getting the incoming traffic but the ACT is not making it back to the device. I can see that the ACT is being generated and sent from the server but it is not making it back to the device. Any help would be greatly appreciated.