iRule to close an established connection
I have tcp (not http) based service where client connections are permanent. By that I mean that once a connection to a pool member gets established its stays there 24x7. The pool has 2 pool members configured with priority group. The first pool member has priority 2 and the second one priority 1, with a Less than '1' value for Priority Group Activation. The pool also has the setting of 'Reject' for 'Action On Service Down'. That takes care of any scenario where a pool member is marked down by health monitors. Whenever a highest priority pool is marked down by health monitors all established connections to that pool members get closed automatically. The client applications immediately try to reconnect and get established connections to the second pool member with the lower priority. So far, everything is exactly what we want to accomplish. The challenge comes when the higher priority pool member is marked up/available once again. We're looking for an automatic way to close the already established connections to the lower priority pool member as soon as the higher priority pool member becomes available. Is there a way to do so? Not sure what event I should use for an already established connection. First ones that came to mind were LB_SELECTED and CLIENT_ACCEPTED. So far, I've tried the following options without any results: when LB_SELECTED { if { [LB::status pool poolname member 10.0.0.1 80 ] equals "up" and [IP::addr [LB::server addr] equals 10.0.0.2] } { reject } } when LB_SELECTED { if { [LB::status pool poolname member 10.0.0.1 80 ] equals "up" and [IP::addr [LB::server addr] equals 10.0.0.2] } { LB::reselect pool poolname member 10.0.0.1 } }1.3KViews0likes5CommentsPriority group activation and automatically closing connections when higher priorty group goes UP.
Hello we have a configuration where in one pool there are 6 nodes with 2 priority groups of 3 nodes each. 3 nodes with piriority group 1 (backup) 3 nodes with priority group 10 (primary). Priority group activates when there are less than 2 active members on primary group. So far It works like it should. But we would also need to: 1) close all connections to the backup PG when the primary PG becomes available again, 2) it would be great to create a delay/timer of 2-3 min from the time primary PG goes up and time ofclosing all the connections in the backup PG. We have achieved something similar using HA proxy using below configuration, but we would like to have this functonality on F5 LTM: server rabbit1a <ip addres>:5671 check send-proxy inter 3s fall 3 rise 2 on-marked-up shutdown-backup-sessions server rabbit2a <ip addres>:5671 check send-proxy inter 3s fall 3 rise 2 on-marked-up shutdown-backup-sessions server rabbit3a <ip addres>:5671 check send-proxy inter 3s fall 3 rise 2 on-marked-up shutdown-backup-sessions server rabbit1b <ip addres>:5671 check send-proxy backup server rabbit2b <ip addres>:5671 check send-proxy backup server rabbit3b <ip addres>:5671 check send-proxy backup Is it possible on F5? I guess its not something that we can achive from pure GUI so we would need to use iRules? What events/actions would be usefull in this case?1.5KViews0likes12Comments