Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Can iRules identify specific protocols?

kdw313
Nimbostratus
Nimbostratus

‎28-Jun-2023 22:37

Hi.

The feature I am trying to implement is to apply QoS for critical protocols like BGP and BFD,

I received a response that there does not seem to be a separate function for Case Open results, and that it is possible to apply QoS with iRule, but it is not possible to identify the protocol.

Q ) Is there any way to identify only BGP protocol using iRule?

Thank you.

Labels:
0 Kudos
2 REPLIES 2

whisperer
Cumulonimbus
Cumulonimbus

‎29-Jun-2023 06:22

No. You should use a NGFW like Palo Alto with Content ID for this. Performing QoS and on the fly content identification is not a role for the F5.

0 Kudos

JRahm
Community Manager
Community Manager

‎29-Jun-2023 19:15

Hi @kdw313, if this is through-traffic that BIG-IP is handling and not an endpoint BGP speaker that you are referencing, you should be able to use an iRule with the binary scan command to check for BGP open messages. The value for the open message should be 1 in the 19th byte of the TCP payload. untested, but this should get you started:

when CLIENT_ACCEPTED {
    TCP::collect 19
}
when CLIENT_DATA {
    binary scan [TCP::payload] @18c bgp_message_type
    if {$bgp_message_type eq "\x01"} {
        log local0. "BGP Open message detected!"
    }
    TCP::release
}
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
https://twitter.com/jasonrahm
https://www.youtube.com/devcentral
Copyright © 2023 Khoros, LLC