CLIENT_ACCEPTED¶
Description¶
An iRule event triggered when a client has
established a connection.
In effect, when an entry is inserted in the BIG-IP connection table,
this event fires. For TCP connections, this happens when the three-way
handshake successfully completes for a Standard virtual server. For a
FastL4 virtual server, this event fires on the initial syn packet.
For non-TCP connections, this will fire at a point that may not be
wholly intuitive. For example, UDP is connectionless, so one might
reasonably expect this event to fire with each segment in a UDP
stream. However, BIG-IP does create a connection table entry for UDP,
and assigns a timeout. If no segment arrives matching the table entry
within the timeout period, the entry is removed (and CLIENT_CLOSED
fires). However, segments matching the table entry that arrive within
the timeout period will not trigger a new CLIENT_ACCEPTED event (and
will reset the timeout timer for the entry). The timeout is generally
configured, in the case of UDP, via the UDP profile (or a child
profile) applied to the virtual server.
Some profile settings may also have an effect on when events are
raised. For example, the “Datagram LB” setting on the UDP profile will
force each segment in a UDP stream (that is, packets carrying UDP
segments that all have a common source ip/port and destination
ip/port) to load-balance. Between the BIG-IP system and the pool
members, the forwarded segments will use different source port numbers
for each segment (sort of like SNAT, but just for the port). In this
case, CLIENT_ACCEPTED will fire for each segment. This is actually a
specific case of the more general rule above, as each segment
essentially creates an independent connection table entry. Notice, for
example, that CLIENT_CLOSED will still fire for each segment after the
timeout period.
Behavior for this command also depends on the type of virtual server.
For example, a using “Standard” virtual server the event fires after
the final client ACK of the three-way-handshake (as described above),
on a “Performance L4” virtual server it fires on the initial SYN
packet from the client.
Examples¶
when CLIENT_ACCEPTED {
set curtime [clock seconds]
set formattedtime [clock format $curtime -format {%H:%S} ]
log "the time is: $formattedtime"
}