Forum Discussion

CCVLo's avatar
CCVLo
Icon for Nimbostratus rankNimbostratus
Mar 26, 2013

MBLB for HSM Messages

Hi all !

 

I´ve been trying to load balance messages destinated to a Thales HSM. Since HSM client uses a single connection to communicate to HSM I´ll use MBLB to achieve that. The HSM Message has a header, a message length indicator and the message itself. I´ve applied a MBLB profife to my virtual server and created the following irule:

 

when CLIENT_ACCEPTED {

 

set client_closed 0

 

TCP::collect

 

log local0. "Client Connected !"

 

 

}

 

 

periodically checks if the client connection closed, if so, also closes associated server connection.

 

when CLIENT_CLOSED {

 

 

set client_closed 1

 

 

}

 

 

Triggered when a connection has been established with the target node

 

when SERVER_CONNECTED {

 

 

after 1000 -periodic if {$client_closed} {TCP::close}

 

 

}

 

 

 

when CLIENT_DATA {

 

scan [TCP::payload] %c%c head rlen

 

 

log local0. "Header = $head -- Length = $rlen"

 

if {($head == 0)} {

 

 

if {[TCP::payload length] < [expr {2 + $rlen}]} {

 

TCP::collect

 

return

 

}

 

}

 

 

TCP::release [expr {$rlen + 2}]

 

TCP::notify request

 

TCP::collect

 

}

 

 

I´ve been using a client to send messages to the virtual server. Checking the traffic with TCPDUMP I can see the messages balancing to members of my pool and they´ve been returning to BigIP but the client application only receives the message back when it is originated from the first server selected to handle the message load balancing. Messages from the second server never come back to client.

 

 

Follows the behavior on my client application:

 

 

Connected!

 

Send: 0000BA1234F843005571922

 

Received: 0000BB0058647

 

Send: 0000BA1234F843005571922

 

Send: 0000BA1234F843005571922

 

Received: 0000BB0058647

 

Send: 0000BA1234F843005571922

 

Send: 0000BA1234F843005571922

 

Received: 0000BB0058647

 

 

 

virtual HSM-MBLB {

 

snat automap

 

pool LB-POOL

 

destination 192.168.1.132:1500

 

ip protocol tcp

 

rules hsm-mblb

 

profiles {

 

mymblb {}

 

tcp {}

 

}

 

}

 

 

pool LB-POOL {

 

members {

 

192.168.2.10:1500 {}

 

192.168.2.11:1500 {}

 

}

 

}

 

 

 

I´ve been using a BigIP LTM Virtual Edition to test this scenario.

 

 

[root@BigIP-VE-001:Active] config bigpipe version

 

Kernel:

 

Linux 2.6.18-164.2.1.el5.1.0.f5app

 

Package:

 

BIG-IP Version 10.1.0 3341.1084

 

Final Edition

 

 

 

Thanks,

 

Carlos Covolo

 

 

 

 

 

No RepliesBe the first to reply