DataScripts run when various events are triggered by data plane traffic. A single rule may run different code during different events.

Many DataScript functions are only available within specific events. For instance, avi.http.redirect may only be used within an HTTP request event, whereas the avi.http.response function may be used within the HTTP request or the HTTP response events.

DataScript functions, such as avi.http.method, may be used in the request or response events, even though the data returned is specifically from the client’s HTTP request. Some DataScript functions may contain a context parameter, which means that while the function may be called during any event, it is grabbing data from an explicit event. Allowed values for any function’s context parameter are listed in the relevant knowledge base article.

Consider avi.http.get_header as an example. Implementing it during an HTTP response event will return headers from the server’s response. However, by adding a context parameter set to avi.HTTP_REQUEST, headers from the client request may be retrieved and evaluated during the response event.

if avi.http.get_header("my_header", avi.HTTP_REQUEST) then
 avi.http.close_conn()
end

While the DataScript above could be applied to either the HTTP request or response events, it explicitly inspects headers from the client’s request due to the optional context parameter.

Supported DataScript Events

Event

Description

HTTP_AUTH

This event is triggered before the client authentication

HTTP_POST_AUTH

This event is triggered after the client authentication

HTTP_REQ

This event triggers when all the headers of the HTTP request have been parsed successfully, but before any potential POST body has been received.

HTTP_REQUEST_DATA

This event triggers after the parsing of headers of the HTTP request, when any potential POST body has been received.

HTTP_RESP

This event triggers when all headers of the HTTP response have been parsed successfully, but before the response body has been received.

HTTP_RESPONSE_DATA

This event triggers after the parsing of headers of the HTTP response, when the response body has been received.

HTTP_RESP_FAILED

  • This event triggers when any error/timeout happens before a valid response header can be received from the server and forwarded to the client. There are only 3 HTTP functions which can be invoked from the RESP_FAILED event:

  • avi.http.response()

  • avi.http.redirect()

  • avi.http.internal_status()

All other HTTP functions return ERROR and the client connection will end prematurely.

Examples under which the RESP_FAILED event occurs include:

  • TCP/ SSL connection/handshake to back-end server fails

  • Request proxy/send to back-end server times out

  • No Response or partial Response Headers or Bad Response Headers from server

  • Server resets connection while NSX Advanced Load Balancer is waiting for the back-end server to respond

HTTP_LB_DONE

This event triggers once a server has been selected to send the HTTP request to.

L4_REQUEST

Run DataScript on receipt of the payload from the client post the SSL handshake.

L4_RESPONSE

Run DataScript receipt of packet from the server.

SSL_HANDSHAKE_DONE

Run DataScript after SSL handshake is done.

TCP_CLIENT_ACCEPT

This event is triggered when TCP client connection is accepted.

DNS_REQUEST

This event is triggered when DNS request received from the client is parsed successfully.

DNS_RESPONSE

This event is triggered when DNS response is received from an load balanced DNS server.

CLIENT_SSL_PRE_CONNECT

This event is the phase prior to SSL Handshake is initiated (Start of SSL handshake starts with client sending Client Hello Packet) and after the TCP connection gets established. So the set of Datascripts attached at this event get executed.

CLIENT_SSL_CLIENT_HELLO

This event is the phase when client sends Client Hello packet as a part of SSL Handshake initiation.
The following events are introduced to add SSL handshake level events to read/write parameters to control the SSL handshake and change attributes like SSL profile, certificates, PKI settings, renegotiate, and more:

Event

Description

SSL_PRE_CONNECT

This event is triggered at the beginning of the TLS handshake. This event can be used for changing the SSL settings like SSL profile, SSLKeyandCertificate, and PKI profile based on Client IP or VS service port, etc.

SSL_Client_Hello

This event is triggered after client hello pre-processing is done. This event is used for changing the SSL settings like SSL profile, SSLKeyandCertificate, and PKI profile based on Client IP or VS service port, etc.

SSL_HANDSHAKE_DONE

This event is triggered after the TLS handshake is complete. This event can be used for getting client certificate authentication errors and logging.
Note: