Forum Discussion

CraigM_17826's avatar
CraigM_17826
Icon for Altostratus rankAltostratus
Jul 05, 2012

VIP behaviour question

Hi everyone. Our company uses PeopleSoft for it's CRM and student managment system. As part of our migration to the cloud they bought in an Oracle specialist in PeopleSoft to redesign the architecture of PeopleSoft so it scales better. One of the changed is that they requested a VIP to load balance Jolt requests. I have no idea what Jolt is, but the way they explained what they needed made it sound realtively simple. What we have is a VIP listeningn on port 9000. This VIP has a pool associated with it. This pool has 4 members listening on port 12300. There is no iRule or http profile assigned to the VIP, SNAT is enabled on it.

 

 

 

What I expected was that any incomming connection to that VIP on port 9000 would be handed off to one of the pool members on port 12300. What appears to be happening is that the initial connection to th VIP on port 9000 happens but then nothing..no traffic flow that we can tell occurs to the pool members. To test this out I set a tail -f on the Jolt logfile and watched it whilst I telneted to the Jolt port on the pool member node. A few keystrokes caused the Jolt listner to close the session with a error

 

 

ERROR: Unrecognized message magic 1935960683

 

 

If I attempt the same test via the BigIP VIP nothing seems to happens at all, the telnet session seems to accept as many keystrokes as I can enter. It almost seems as if the VIP is buffereing the data or something. So, I decided to create a simple iRUle to log any new connections and what pools and pool members are being used when a connection via the VIP occurs. I repeated the telnet test and saw a log entry upon the initial connection to the BigIP VIP, but nothing else until I closed the telnet session, where upon the log entries displayed the payload (which showed the keys strokes I had entered) and then which pool node it connected to. So I am a little lost, I do not know if the BigIP is at fault or if my tests are invalid. Should the BigIP be passing the data through as it enters the VIP unbuffered?

 

 

The cloud BigIP is running BIG-IP 11.1.0 Build 2179.0 Hotfix HF3.

 

 

 

tia

 

 

 

Craig

 

 

 

 

application delivery
dev
devops
iRules

2 Replies

Sort By
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Jul 05, 2012
    have you tried tcpdump?

    for irule, to get payload i understand you need collect it using TCP::collect.

    TCP::collect wiki

    https://devcentral.f5.com/wiki/iRules.tcp__collect.ashx

    e.g. 

    [root@ve10:Active] config  b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.19.79:80
   ip protocol 6
   rules myrule
}
[root@ve10:Active] config  b pool foo list
pool foo {
   members 200.200.200.101:80 {}
}
[root@ve10:Active] config  b rule myrule list
rule myrule {
   when CLIENT_ACCEPTED {
   log local0. ""
   TCP::collect
}
when CLIENT_DATA {
   log local0. ""
   log local0. [TCP::payload]
   TCP::release
   TCP::collect
}
when SERVER_CONNECTED {
   log local0. ""
   log local0. "clientside [IP::client_addr]:[TCP::client_port] -> [clientside {IP::local_addr}]:[clientside {TCP::local_port}]"
   log local0. "serverside [IP::local_addr]:[TCP::local_port] -> [IP::remote_addr]:[TCP::remote_port]"
   TCP::collect
}
when SERVER_DATA {
   log local0. ""
   log local0. [TCP::payload]
   TCP::release
   TCP::collect
}
}

[root@ve10:Active] config  tail -f /var/log/ltm
Jul  5 16:53:29 local/tmm info tmm[5111]: Rule myrule :
Jul  5 16:53:29 local/tmm info tmm[5111]: Rule myrule :
Jul  5 16:53:29 local/tmm info tmm[5111]: Rule myrule : HEAD / HTTP/1.1  User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5  Host: 172.28.19.79  Accept: */*
Jul  5 16:53:29 local/tmm info tmm[5111]: Rule myrule :
Jul  5 16:53:29 local/tmm info tmm[5111]: Rule myrule : clientside 172.28.19.251:36022 -> 172.28.19.79:80
Jul  5 16:53:29 local/tmm info tmm[5111]: Rule myrule : serverside 200.200.200.10:36022 -> 200.200.200.101:80
Jul  5 16:53:29 local/tmm info tmm[5111]: Rule myrule :
Jul  5 16:53:29 local/tmm info tmm[5111]: Rule myrule : HTTP/1.1 200 OK  Date: Thu, 05 Jul 2012 09:05:28 GMT  Server: Apache/2.2.3 (CentOS)  Last-Modified: Fri, 11 Nov 2011 14:48:14 GMT  ETag: "4183e4-3e-9c564780"  Accept-Ranges: bytes  Content-Length: 62  Content-Type: text/html; charset=UTF-8
  • Manny_Flores_18's avatar
    Manny_Flores_18
    Icon for Nimbostratus rankNimbostratus
    Feb 23, 2015

    We are considering the same solution. Were you successful?

     

    Oracle specialist in PeopleSoft to redesign the architecture of PeopleSoft so it scales better. One of the changed is that they requested a VIP to load balance Jolt requests.