Forum Discussion

xuwen's avatar
xuwen
Icon for Cumulonimbus rankCumulonimbus
Oct 19, 2021
Solved

F5 LTM TCP traffic can't be meet this require

topology: client( 30.1.1.1 )------->VS( 200.1.1.100:23)-------------->pool members(router1: 192.168.40.1:23 router2:192.168.40.2:23) The scenario is as follows: vs 200.1.1.100 vs port 23, pool n...
  • xuwen's avatar
    Dec 06, 2022

    Last year, I came up with a solution. Linux shell can be used for any node, and I can also use icall (the disadvantage is that when add some new pool members, I have to add icall configuration)

    The method is to add a ping detection to the Linux shell. If the ping timeout occurs, it will  tmsh delete the node session;

    you need to pay attention to BIGIP version(V12.1.6 can support nc -z command), some high version(in Centos 7+ system) can not support nc -z

    you can use status=`echo -e "admin" | /usr/bin/nc -w 1 $node_ip 22 &>/dev/null;echo $?`

    #!/bin/sh
    
    #
    # (c) Copyright 1996-2006, 2010-2013 F5 Networks, Inc.
    #
    # This software is confidential and may contain trade secrets that are the
    # property of F5 Networks, Inc.  No part of the software may be disclosed
    # to other parties without the express written consent of F5 Networks, Inc.
    # It is against the law to copy the software.  No part of the software may
    # be reproduced, transmitted, or distributed in any form or by any means,
    # electronic or mechanical, including photocopying, recording, or information
    # storage and retrieval systems, for any purpose without the express written
    # permission of F5 Networks, Inc.  Our services are only available for legal
    # users of the program, for instance in the event that we extend our services
    # by offering the updating of files via the Internet.
    #
    # @(#) $Id: //depot/maint/bigip12.1.6/tm_daemon/monitors/sample_monitor#1 $
    #
    
    
    #
    # these arguments supplied automatically for all external pingers:
    # $1 = IP (::ffff:nnn.nnn.nnn.nnn notation or hostname)
    # $2 = port (decimal, host byte order)
    # $3 and higher = additional arguments
    # 
    # $MONITOR_NAME = name of the monitor
    # 
    # In this sample script, $3 is the regular expression
    #
    
    # Name of the pidfile
    pidfile="/var/run/$MONITOR_NAME.$1..$2.pid"
    
    # Send signal to the process group to kill our former self and any children 
    # as external monitors are run with SIGHUP blocked
    if [ -f $pidfile ]
    then
       kill -9 -`cat $pidfile` > /dev/null 2>&1
    fi
    
    echo "$$" > $pidfile
    
    # Remove the IPv6/IPv4 compatibility prefix 
    node_ip=`echo $1 | sed 's/::ffff://'`
    
    # Using the nc utility to get data from the server. 
    # Search the data received for the expected expression.
    
    # status=`echo -e "admin" | /usr/bin/nc -w 1 $node_ip 22 &>/dev/null;echo $?`
    status=`/usr/bin/nc -w 1 $node_ip -z 22 &>/dev/null;echo $?`
    ping_result=`ping -c1 -w1 $node_ip &>/dev/null;echo $?`
    if [ $status -eq 0 ]
    then
    # Remove the pidfile before the script echoes anything to stdout and is killed by bigd      
        rm -f $pidfile
        echo "up"
    elif [ $ping_result -eq 1 ]
    then
        rm -f $pidfile
        tmsh delete /sys connection ss-server-addr $node_ip ss-server-port $2 &>/dev/null
        exit
    fi
    
    # Remove the pidfile before the script ends
    rm -f $pidfile