One Connect not keeping connection open on HTTP 204 No Content
We have an application that returns a 'HTTP 204 No Content' response on 99% of all requests. These connections are being kept open and reused on the client side of the F5. The problem is the Load Balancer closes these connections on the server side right after the HTTP 204 RESPONSE is received from the server. When we send a HTTP 200 the connection is kept open and reused(normal One Connect operation). Is there an iRule that we can apply to the VIP to keep the connection open even when the Server returns a 'HTTP 204 No Content'? Thanks542Views0likes9CommentsURL rewrite through iRule
Hi Guys, i have one "Performance (HTTP)" virtual server on F5-1600 series, and i want to change the URL "http://www.abc.com" to "http://partner.abc.com/xyz". i have tried all below scripts : 1- when HTTP_REQUEST { if {([string tolower [HTTP::host]] equals "http://www.abc.com")}{ HTTP::header replace Host "http://partner.abc.com/xyz" } } 2- when HTTP_REQUEST { if { not ([HTTP::uri] starts_with "/xyz") } { HTTP::uri /xyz[HTTP::uri] } } 3- when HTTP_REQUEST { if {[HTTP::uri] equals {http://www.abc.com}} {HTTP::uri {http://partner.abc.com/xyz} } } but i wasn't successful! can anyone help me how can i do this through iRule ?Solved9KViews0likes27Commentshigh cpu usage independent from Traffic
Hello, we've recognised since a few weeks every day for about 4 hours from 9 to 13 very high cpu-usage on Control-Plane and Analysis-Plane. Overall concurrent Client-side connections between 1200 and 1800 That's also on the standby-Machine, so it's independent from Traffic (this F5 is for Traffic from Web and terminates ssl) the hardware is i4800, but it's the same on our virtual Test-Machine Version: 16.1.3.3, on Test: 16.1.3.4 Any hint, where to look for the cause? Thank you KarlSolved4.1KViews0likes13CommentsLTM - IP Fowarder Performance issues (Stateless Router config)
Hi All, Wondering if anyone else has issues with using an IP Forwarder in the manner described in this article (Specifically - Emulating stateless IP routing with BIG-IP LTM forwarding virtual servers): https://support.f5.com/kb/en-us/solutions/public/7000/500/sol7595.html. Here's the scenario.... VLAN attached behind the BIG-IP, which has the web servers on. MSSQL servers sat on a VLAN reachable through the BIG-IP. The connections all work, just if SQL traffic isn't routed through the BIG-IP, it works fine. Otherwise, behind the BIG-IP, there is severe delays. I'd suggest it be a good idea not to route this through the BIG-IP, but I wondered what the F5 communities' take on this would be. In short....Simple IP Forwarder (Stateless) for mssql traffic... Good or bad idea? Thanks, JD416Views1like4Commentstcpdump portrange option
Hi everyone, I'm trying to capture traffic directed to a certain range of tcp ports with tcpdump. When using the "portrange" expression I get a syntax error: tcpdump -i -s0 -w capture_file.trc portrange 8080-8082 tcpdump: syntax error in filter expression Is this expression supported on BIG-IP (1600 10.2.4 HF5)? Thanks in advance, Regards. moog67Solved13KViews0likes8CommentsThroughput dashboard / SNMP OID / tmsh show sys performance throughput
Throughput in the dashboard displays information In Out in bps I've added the following in OID in PRTG Network Monitor : sysStatClientBytesIn (.1.3.6.1.4.1.3375.2.1.1.2.1.3) sysStatClientBytesOut (.1.3.6.1.4.1.3375.2.1.1.2.1.5) sysStatServerBytesIn (.1.3.6.1.4.1.3375.2.1.1.2.1.10) sysStatServerBytesOut (.1.3.6.1.4.1.3375.2.1.1.2.1.12) https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos_management_guide_10_1 /tmos_snmp.html1038911 states information about the SNMP values used. tmsh show sys performance throughput (detail) These 3 values don't match. We are working on an older version software, 11.1.0 HF2. Upgrades are already planned. I understand that the dashboard gives a certain summary from the values. But what I don't understand is that the values from the SNMP differ from the show sys performance. Can someone explain me how I should interpret the information.604Views0likes5CommentsOneConnect, no HTTP profile, still per HTTP request LB?
Hi, My understanding was that one of the functions of service or protocol profiles is to allow LTM to decode, understand and manipulate protocol data at given layer. In Overview of the OneConnect profile there is statement: When a OneConnect profile is enabled for a TCP virtual server that does not have an HTTP profile applied, and a client sends multiple requests within a single connection, the BIG-IP system is able to process each request individually. The BIG-IP system sends the requests to different destination servers as determined by the load balancing method. Without a OneConnect profile enabled for the virtual server, the BIG-IP system performs load-balancing only once for each TCP connection. Is OC profile exception from the rule that to understand and handle traffic at given layer appropriate layer profile should be used? From above it looks like having only TCP profile and OC profile allows LTM to understand that TCP stream is carrying HTTP traffic and recognize HTTP requests, and in turn apply LB not per TCP connection but per HTTP request in given TCP connection. If so what is that mean for VS without persistence set and for example Round Robin LB? Without OC first TCP connection will be LB to first member, second to second and so on With OC first TCP connection (and in turn first HTTP request) will be LB to first server, second HTTP request in the same TCP connection to second server and so on Piotr665Views0likes26CommentsHTTP ERROR: Couldn't open socket connection to server http://....... prior to connect()
Hi Guys: There is a solution balancing links with two Big-IP 2000s Lik Controller, is working properly. The solution is working with the functionality of the Wide-IPs actually it has 11 wide-IPs and are working well, but there is one that is generating connectivity issues and presents a random error. Apparently this error occurs when large numbers of queries are made. -ERROR: wsdl error: Getting http://app.domain.com.pe/edi/sisws.asmx?wsdl - HTTP ERROR: Couldn't open socket connection to server http://app.domain.com.pe/edi/sisws.asmx?wsdl prior to connect(). This is often a problem looking up the host name. I describe the flow Connection of this web service that is having problems. The user searches the web delegated by the ISP CNAME to F5 The F5 responds with app.b.domain.com.pe (Wide-IP) and the user shows the website. The user enters the correct page and authenticates when you perform a query operation is when a patient presents random error lines shown above. -FLOW. app.domain.com.pe (ISP-CNAME) >>> app.b.domain.com.pe (F5) >>> vs_ISP1, vs_ISP2 >>> Pool_APP (1 member) I really do not know what would be happening, since the service worked fine before configure you as Wide-IP. That is, when only estab configured as virtual server only worked well, but when the wide-ips are set up to be swinging by two bonds (DNS resolution) start these problems. -Wide-IP gtm pool /Common/app.domain.com.pe { fallback-mode ratio load-balancing-mode least-connections members { /Common/LB1.domain.com.pe:/Common/vs_CLARO_APP { order 0 } /Common/LB1.domain.com.pe:/Common/vs_TdP_APP { order 1 } } } Note: I could see that in the wide-IP is configured TTL default (30 seconds). This could be causing me this error on page when making inquiries or information recorded on the website. I hope some of you can give me some support on this issue that has become critical. Regards. John733Views0likes1CommentAAM IBR and browser conditional GET - expert advice needed
Hi, I am trying to figure out why browser is performing conditional GET instead of imediatelly retrieve object from local cache. Browser is connecting to VS with Web Acceleration AAM enabled profile assigned. IBR is working as I can see hash added to objects, Cache-Control headers are present. Still each time page is reloaded for all objects conditional GET is issued. That makes IBR less than optimal as there is no saving on RTT for conditional GETs. Below transactions for one object First page load, clean cache GET /Portals/0/portal.css;wa42c972a572376dab?cdv=545 HTTP/1.1 Host: www.host.com Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip, deflate, sdch Accept-Language: pl-PL,pl;q=0.8,en-US;q=0.6,en;q=0.4 Cookie: .ASPXANONYMOUS=ksN9_Z2-0AEkAAAAMWU0NGU1M2QtZWYxNy00ZjYzLTllM2UtODBiZTM1ZGRiNWQ40; ASP.NET_SessionId=0qsuljchcmws3rnxe5u1mrh4; _gat=1; _gat_agregate=1; _gat_sklepagregate=1; _ga=GA1.2.2117847018.1430923777; language=pl-PL Referer: http://www.host.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 HTTP/1.1 200 OK Accept-Ranges: none Age: 1718 Cache-Control: public, max-age=864000 Connection: Keep-Alive Content-Encoding: gzip Content-Length: 462 Content-Type: text/css Date: Fri, 08 May 2015 10:20:37 GMT ETag: W/"WA42c972a572376dab" Expires: Mon, 18 May 2015 10:20:37 GMT Last-Modified: Tue, 22 Apr 2014 12:56:40 GMT Server: Vary: Accept-Encoding X-UA-Compatible: IE=Edge X-WA-Info: [V2.S10101.A82290.P94462.N13694.RN0.U947762373].[OT/all.OG/includes] Reload, cache primed GET /Portals/0/portal.css;wa42c972a572376dab?cdv=545 HTTP/1.1 Host: www.host.com Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip, deflate, sdch Accept-Language: pl-PL,pl;q=0.8,en-US;q=0.6,en;q=0.4 Cache-Control: max-age=0 Cookie: .ASPXANONYMOUS=ksN9_Z2-0AEkAAAAMWU0NGU1M2QtZWYxNy00ZjYzLTllM2UtODBiZTM1ZGRiNWQ40; ASP.NET_SessionId=0qsuljchcmws3rnxe5u1mrh4; _gat=1; _gat_agregate=1; _gat_sklepagregate=1; _ga=GA1.2.2117847018.1430923777; language=pl-PL If-Modified-Since: Wed, 08 Oct 2014 09:23:55 GMT Referer: http://www.host.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 HTTP/1.1 304 Not Modified Accept-Ranges: none Age: 2007 Cache-Control: public, max-age=864000 Connection: Keep-Alive Content-Type: text/css Date: Fri, 08 May 2015 10:25:26 GMT ETag: W/"WA42c972a572376dab" Expires: Mon, 18 May 2015 10:25:26 GMT Last-Modified: Tue, 22 Apr 2014 12:56:40 GMT Server: X-UA-Compatible: IE=Edge X-WA-Info: [V2.S10101.A82290.P94462.N13694.RN0.U947762373].[OT/all.OG/includes] I am not HTTP expert but for me conditional get does not makes any sense. Why it's performed? Tested in both Chrome 42.0.2311.135 and Firefox 37.0.2 (on Win2008 srv). I was reading some post about Chrome behaving like that - sending conditional GET even if object in cache is not expired (seems to be something similar looking at Cache-Control: max-age=0 in reload request). But the same for Firefox as well? Is that kind of bug feature? If so is there any way to modify AAM to force browser not do that? I did additional test (this time using Wireshark not browser plugins) and result was: Browser opened (cache is primed), url entered, only GET for / in Wireshark, no other request Reload used - request for all objects in Wireshark bith OK 200 and 304 Not Modified I am a bit lost what's going on. Piotr273Views0likes2CommentsAAM and clearing cache
Hi, I tried to find info how to clear Web Accelerator based cache (not standard LTM RAM cache) but failed to find working solution - at least that looks like from my tests. What I found is: To show cache I can use tmsh show ltm profile web-acceleration profile name Suggested command to clear is tmsh delete ltm profile wa-cache profile name But delete command seems not to be working. After issuing stats displayed by tmsh show ltm profile web-acceleration profile name are the same as before. So what is a way to clear cache? I am not talking about Invalidating (according to docs this GUI command is not removing objects from RAM or disk but only expires them, so before serving LTM has to re validate all with origin server - at least that is my understanding how it works) Piotr BTW - is there a way to display content of the cache - files actually kept in ram or on disk?260Views0likes2Comments