Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

wtwagon_99154's avatar
wtwagon_99154
Icon for Nimbostratus rankNimbostratus
Aug 01, 2008

Anyone use iRules with SiteSpect?

I wanted to see if anyone out there has experiencing using iRules with the SiteSpect appliance.     What I'd like to accomplish is the following (Pseudocode)     NOTE: SSLB = Coo...
application delivery
dev
devops
irules
andrew_waldvoge's avatar
andrew_waldvoge
Icon for Nimbostratus rankNimbostratus
Aug 31, 2009
I'm not sure if this is the most elegant way of doing this. Actually I am sure it is not since LB::status was not available when I wrote this,

 

and also because I'm a hack.

 

Anyhow, it works for us, and I always prefer the least complicated (in my opinion) solution.

 

I tried to trim it down to only what refers to the sitespect configuration. Hope it still makes sense.

 

 

 

external VIP

 

 

 

virtual vip_example_http {

 

pool vip_example_http

 

destination 1.2.3.4:http

 

ip protocol tcp

 

rules vip_example_URI

 

profiles

 

http

 

tcp-loadtest

 

}

 

 

rule vip_example_URI {

 

when HTTP_RESPONSE {

 

if { ! [HTTP::cookie exists "SSLB"] } {

 

HTTP::cookie insert name "SSLB" value "A" domain "my.domain.com"

 

}

 

}

 

when HTTP_REQUEST {

 

...

 

...

 

} else {

 

if { [HTTP::cookie exists "SSLB"] } {

 

set ss_cookie [HTTP::cookie "SSLB"]

 

if { ( $ss_cookie == "B" ) and ( [active_members vip_example_sitespect] > 0 ) } {

 

pool vip_example_sitespect

 

} else {

 

pool vip_internal_http

 

}

 

} else {

 

pool vip_example_http

 

}

 

}

 

}

 

}

 

 

this pool contains only the sitespect

 

pool vip_example_sitespect {

 

members 10.10.10.1:81

 

}

 

 

 

this pool contains sitespect and webservers and you would have your ratio here

 

pool vip_example_http {

 

members

 

10.10.10.1:81

 

10.10.10.2:81

 

10.10.10.3:81

 

10.10.10.4:81

 

}

 

 

 

internal VIP

 

 

virtual vip_internal_http {

 

snatpool SNAT_internal

 

pool vip_internal_http

 

destination 10.10.10.100:http

 

ip protocol tcp

 

rules vip_internal_URI

 

profiles

 

http

 

tcp-loadtest

 

}

 

 

No additional config for the sitespect in this rule

 

rule vip_internal_URI {

 

when HTTP_REQUEST {

 

....

 

....

 

} else {

 

pool vip_internal_http

 

}

 

}

 

}

 

 

snat for the internal VIP

 

snatpool SNAT_internal {

 

members 10.10.10.100

 

}

 

this pool contains the webservers and NOT sitespect

 

pool vip_internal_http {

 

members

 

10.10.10.2:81

 

10.10.10.3:81

 

10.10.10.4:81

 

}