cancel
Showing results for 
Search instead for 
Did you mean: 

F5 fallback pool

crosson_16669
Nimbostratus
Nimbostratus

Assume the below config. If all the members of dns-53-A are down how does the virtual server behave? Given that there is an irule to LB members to a different pool will the VS remain up even though his default pool is currently down? I understand that a VS's status will reflect the underlying pool but does it know to check pools you may have listed in your attached irule?

 

 

 

rule DNS_POOL_FALLBACK {

 

when CLIENT_ACCEPTED {

 

if { [active_members "dns-53-A"] < 1 } {

 

pool "dns-53-B"

 

}

 

}

 

}

 

 

pool dns-53-A {

 

monitor all dns_monitor and dns_monitor_tcp

 

members {

 

10.0.0.14:domain {}

 

10.0.0.15:domain {}

 

}

 

}

 

pool dns-53-B {

 

monitor all dns_monitor and dns_monitor_tcp

 

members {

 

172.16.0.14:domain {}

 

172.16.0.15:domain {}

 

172.16.0.114:domain {}

 

172.16.0.115:domain {}

 

}

 

}

 

virtual dns-tcp {

 

snat automap

 

pool dns-53-A

 

destination 10.1.0.15:domain

 

ip protocol tcp

 

rules DNS_POOL_FALLBACK

 

}

 

virtual dns-udp {

 

snat automap

 

pool dns-53-A

 

destination 10.1.0.15:domain

 

ip protocol udp

 

rules DNS_POOL_FALLBACK

 

}

 

 

3 REPLIES 3

nitass
F5 Employee
F5 Employee
i do see bigip still sending traffic to pool in irule.

 

 

[root@ve10:Active] config b virtual list virtual bar-tcp { snat automap pool foo-a destination 172.28.19.252:53 ip protocol 6 rules myrule } virtual bar-udp { snat automap pool foo-a destination 172.28.19.252:53 ip protocol 17 rules myrule } [root@ve10:Active] config b pool foo-a list pool foo-a { monitor all fake members 200.200.200.101:53 {} } [root@ve10:Active] config b pool foo-b list pool foo-b { members 200.200.200.111:53 {} } [root@ve10:Active] config b rule myrule list rule myrule { when CLIENT_ACCEPTED { if { [active_members "foo-a"] < 1 } { pool "foo-b" } } } [root@ve10:Active] config b self 200.200.200.253 list self 200.200.200.253 { netmask 255.255.255.0 unit 1 floating enable vlan internal allow default } pool is down [root@ve10:Active] config b pool foo-a|grep -i pool\ member +-> POOL MEMBER foo-a/200.200.200.101:53 inactive,down tcp [root@ve10:Active] config tcpdump -nni 0.0 not host 200.200.200.10 and port 53 or icmp tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on 0.0, link-type EN10MB (Ethernet), capture size 108 bytes 05:09:49.349283 IP 172.28.19.251.42883 > 172.28.19.252.53: S 1658522725:1658522725(0) win 5840 05:09:49.349411 IP 172.28.19.252.53 > 172.28.19.251.42883: S 2911763653:2911763653(0) ack 1658522726 win 4380 05:09:49.350324 IP 172.28.19.251.42883 > 172.28.19.252.53: . ack 1 win 46 05:09:49.350466 IP 200.200.200.253.42883 > 200.200.200.111.53: S 992993099:992993099(0) win 4380 05:09:49.354379 IP 200.200.200.111.53 > 200.200.200.253.42883: S 2393792889:2393792889(0) ack 992993100 win 5792 05:09:49.354389 IP 200.200.200.253.42883 > 200.200.200.111.53: . ack 1 win 4380 05:10:02.351209 IP 172.28.19.251.42883 > 172.28.19.252.53: P 1:7(6) ack 1 win 46 [|domain] 05:10:02.351231 IP 200.200.200.253.42883 > 200.200.200.111.53: P 1:7(6) ack 1 win 4380 [|domain] 05:10:02.352216 IP 200.200.200.111.53 > 200.200.200.253.42883: . ack 7 win 46 05:10:02.451206 IP 172.28.19.252.53 > 172.28.19.251.42883: . ack 7 win 4386 udp [root@ve10:Active] config tcpdump -nni 0.0 not host 200.200.200.10 and udp port 53 or icmp tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on 0.0, link-type EN10MB (Ethernet), capture size 108 bytes 05:11:13.351337 IP 172.28.19.251.44005 > 172.28.19.252.53: 30303+ A? www.google.com. (32) 05:11:13.351426 IP 200.200.200.253.44005 > 200.200.200.111.53: 30303+ A? www.google.com. (32)

crosson_16669
Nimbostratus
Nimbostratus
So would the VSERVER would remain up?

nitass
F5 Employee
F5 Employee
So would the VSERVER would remain up?status in gui is offline (enabled).

 

 

[root@ve10:Active] config b virtual VIRTUAL ADDRESS 172.28.19.252 UNIT 1 | ARP enable | (cur, max, limit, tot) = (0, 2, 0, 2) | (pkts,bits) in = (7, 3216), out = (4, 1760) +-> VIRTUAL bar-tcp SERVICE 53 | PVA acceleration none | (cur, max, limit, tot) = (0, 1, 0, 1) | (pkts,bits) in = (4, 1776), out = (4, 1760) | requests (total) = 0 +-> RULE myrule +-> CLIENT_ACCEPTED 2 total 0 fail 0 abort +-> POOL foo-a LB METHOD round robin MIN/CUR ACTIVE MEMBERS 0/0 | (cur, max, limit, tot) = (0, 0, 0, 0) | (pkts,bits) in = (0, 0), out = (0, 0) +-> POOL MEMBER foo-a/200.200.200.101:53 inactive,down | session enabled priority 0 ratio 1 | (cur, max, limit, tot) = (0, 0, 0, 0) | (pkts,bits) in = (0, 0), out = (0, 0) | requests (total) = 0 VIRTUAL ADDRESS 172.28.19.252 UNIT 1 | ARP enable | (cur, max, limit, tot) = (0, 2, 0, 2) | (pkts,bits) in = (7, 3216), out = (4, 1760) +-> VIRTUAL bar-udp SERVICE 53 | PVA acceleration none | (cur, max, limit, tot) = (0, 1, 0, 1) | (pkts,bits) in = (3, 1440), out = (0, 0) | requests (total) = 0 +-> RULE myrule +-> CLIENT_ACCEPTED 2 total 0 fail 0 abort +-> POOL foo-a LB METHOD round robin MIN/CUR ACTIVE MEMBERS 0/0 | (cur, max, limit, tot) = (0, 0, 0, 0) | (pkts,bits) in = (0, 0), out = (0, 0) +-> POOL MEMBER foo-a/200.200.200.101:53 inactive,down | session enabled priority 0 ratio 1 | (cur, max, limit, tot) = (0, 0, 0, 0) | (pkts,bits) in = (0, 0), out = (0, 0) | requests (total) = 0