janholtz
Jul 28, 2010Altostratus
New Radius Profile
Hi allSOL11627 or is my code dodgy?
I am trying to create a simplified alternative -thanks to v10.x changes- to David Wang's super radius irule at:
http://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/149/Radius-Aware-Load-Balancing-via-iRules.aspx
What I am trying to achieve is detect only accounting start & stop messages, if we get one of these, they must be routed to one of 2 pool members depending on the modulo 2 value of the Frame IP address (don't ask).
If the message is an account stop, it must also delete the source based persistence entry for all other virtual servers. This entry should have the Frame-IP as the client IP.
Here's what I have at present:
-----------------------------------------------------------------------------------------
when CLIENT_ACCEPTED {
if { [UDP::payload length] > 4 } {
if {[RADIUS::code] == 4 } {
binary scan [RADIUS::avp 8] a* Frame_IP
binary scan [RADIUS::avp 40] H* statval
set Acc_Stat [expr 0x$statval]
if {$Acc_Stat == 1} {
binary scan [binary format c4 [split $fullval .]] H8 Hex
set decimal [expr 0x$Hex]
set modval [expr {$decimal % 2 }]
if { $modval == 0 } {
pool pool_radius member 1.1.1.1 1813
}
if { $modval == 1 } {
pool pool_radius member 1.1.1.1 1813
}
}
}
}
}
when LB_SELECTED {
if { $Acc_Stat == 2 } {
persist delete source "$Frame_IP any virtual"
}
}
-----------------------------------------------------------------------------------------
I have tried this code before, but we were not seeing the account stop messages come through correctly.
Would that be due to
Regards
Jan