Persistence mirroring with irules
Hi, we are using iRules to direct traffic to a different pool, when traffic comes to the same VIP, but to a different HTTP host. For example: when HTTP_REQUEST { switch [string tolower [HTTP::host]] { wap.example.com { pool Pool_2 persist source_addr 255.255.255.255 12000 } } } The idea is that if "HTTP:host" is anything different form "wap.example.com", then the traffic goes to Pool_1. The iRule is assigned to a VIP. A persistence profile with Source Address Affinity is also assigned to the VIP. This persistence profile has mirroring enabled. The question is: How to enable persistence mirroring when the iRule directs traffic to Pool_2 for host "wap.example.com"?
table and HA
Hi, I am pretty sure after reading SOLs and description of table command that keys stored via table or subtable on active unit should be mirrored to standby (for given traffic group). I just would like to confirm if it's indeed the case and if possible that it is reliable in production. Question is if we can assume that data stored on active unit will be available on standby and in case of failover we can assume that data will be exactly the same - so iRule logic based on table stored data will work as expected. What bothers me a bit is how exactly this is working in case of sub/table stored keys. I assume connection mirroring has to be configured and enabled. Next StateMirror.MirrorSessions db var should be set to enabled (but if I am not wrong it is enabled by default?). For TCP session mirroring it has to be enabled per VS (Connection Mirroring checked) - I assume that only session entries related to this VS are mirrored to standby - not whole session table? What about iRule created sub/table keys? All are mirrored by default? Even if VS with iRule has not Connection Mirroring checked? What if we have Active-Active HA? Let's say sub/table keys are created via iRule attached to VS belonging to Traffic Group (TG) 1 active on device A, connection mirroring is enabled so keys should be copied to device B being standby for TG1. Then there is VS on device B belonging to TG2 (active on device B). Keys in sub/tables are created via iRule attached to this VS - again those should be copied to device A being standby for TG2. From table cmd description I have such statement I am not sure about: If the table command is used on the standby system in a HA pair, the command will perform a no-op because the content of the standby unit's session db should be updated only through mirroring. What exactly "will perform no-op" means? It seems no modifications could be performed - sounds logical. But is that mean no lookup operations can be performed as well? I am just curious if iRule on VS in TG1 can read keys created by iRule on VS in TG2 - in other words if iRule in TG1 can read copy (as device A is standby for TG2) of sub/table keys created by iRule on TG2. Last question is about info from SOL13478 "Note: Only FastL4 and SNAT connections are re-mirrored after failback." - what fallback means here? It's related to automtic fallback option for TG or to situation like that as well: TG1 active on device A - TG1 moved to device B (any reason, session table should contain up to date entries on device B) - device A back online/available, so it should became standby for TG1, table keys should be mirrored from device B to device A - TG1 migrated to device A - table keys up to date - or it won't work like that? Piotr
