UDP session table aging - slb server forward packet reporting
toddmason
Member ✭
I have two questions outlined below. But first the relevant config: When deploying / testing a RADIUS config with the following excerpt:
slb template udp udp-fast-age
idle-timeout 120
aging immediate
slb virtual-server pa-rad-e2e x.x.x.x
disable-when-any-port-down
port 1812 udp
service-group radius-public
template udp udp-fast-age
port 1813 udp
service-group acct-public
template udp udp-fast-age
The problem with this config is the aging immediate. Although it probably is closing the session pretty quick the RADIUS clients presenting the traffic (from the BNGs) typically reuse their source ports and therefore it would effectively *seem* to the ADC that there is yet more traffic inbound from the same session that was just closed. The result is that not all traffic hitting the VIP is actually getting forwarded to the real servers.
I've removed aging immediate for which the UDP session is now just using idle-timeout which will likely not go idle because of the traffic type and volume present.
Here's my two questions:
1) Why does the Fwd-pkt statistics of "show slb server" incorrectly report that it is forwarding traffic to the real server when in fact (confirmed by packet captures) it does not?
2) I'm certain its not forwarding these packets because of the aforementioned session aging immediate's interaction with the UDP session. The question is how can one demonstrate that from the command line "show ..."? I found an output in show SLB L4 detail; "L4 UDP rsps > reqs" which seems to track semi-closely to the amount of packets being dropped. But the description for that output is not consistent with what I'm observing. "Show session" does not have any detail about the disposition of anything but current/active sessions.
Lastly, this is a conscious decision to NOT use L7 / application load balancing for RADIUS, ie:
slb virtual-server pa-rad-e2e x.x.x.x
port 1812 radius
for reasons outside this discussion.
Thanks anyone for your thoughts.
Todd