Forum Discussion
Nimbostratuschanging SNAT pool every week by iRule
Hi All,
Would like to check is there any way to write an iRule about this.
- Require to change snatpool every week - Wednesday
- After Wednesday, the server will stick to the new snatpool untill next wednesday
Or is it any way can write a text file so we can read from the text file to keep track latest update?
Thanks.
Danial
7 Replies
- Kevin_Stewart
Employee
Here's just ONE idea:when RULE_INIT { set static::SNAT_0 "10.80.0.100" set static::SNAT_1 "10.80.0.101" set static::SNAT_2 "10.80.0.102" set static::SNAT_3 "10.80.0.103" } when CLIENT_ACCEPTED { find SNAT pool eval "set snat_id \$static::SNAT_[expr { [clock format [clock seconds] -format %W] %4 }]" log local0. $snat_id snat $snat_id }
This would cycle a list of 4 snat IPs/pools (%4 - modulus 4 in the equation) per week. 
D_Tech_19468Hi,
Thanks for your reply.
Can i change using HTTP_REQUEST instead of CLIENT_ACCEPTED?
Because this iRules will be a NATing a server IP go internet with thru HTTP port?
Can check with you, if i would like to change SNAT to snatpool, is it feasible?
Thanks.
Danial
- Kevin_StewartOn the first question, yes you can use the HTTP_REQUEST event, but I don't really think you need to. All TCP/UDP client connections will trigger the CLIENT_ACCEPTED event, regardless of the higher level protocol.
On the second question, yes you can definitely change "snat" to "snatpool" and modify the static variables in RULE_INIT to be SNAT pool names. - D_Tech_19468
Hi Kevin,
Thanks for your reply.
Noted for your 2 question answer.
Is it iRules will run the new snatpool for every Monday?
Then, for Tuesday till Sunday, the snatpool will stick to the same snatpool?
For Ex:
1st July - Monday, let say it trigger the iRule to run. Result: server A using using snatpool A
Will the server A still using snatpool A from 2nd July to 6th July?
I am thinking possible we can write the status into a text file to keep track the last activity?
PS: Sorry, i am a newbie in writting an iRule.
Thanks.
Danial
- Kevin_StewartI didn't ~exactly write it to your specifications. ;) The above iRule is based on weeks of the year (1-52). The "%W" means the week of the year starting on Monday, so every Monday the value would cycle (next week). We'll take the modulus 4 of that number to get a value between 0 and 3. Example:
Week = Value
1 = 1
2 = 2
3 = 3
4 = 0
5 = 1
6 = 2
...
50 = 2
51 = 3
52 = 0
A few additional points:
1. This runs on every client request (CLIENT_ACCEPTED or HTTP_REQUEST). Also consider that at midnight on Sunday, should someone be in an active session, the snat/snatpool would change. I'm not 100% certain what the affect of that would be mid-session.
2. This is a VIP-global setting, so when you say "server A using using snatpool A", understand that the snat/snatpool is applied to all servers in the pool.
3. It's still possible to get it to rotate on a Wednesday, but would require a little extra work.
4. Because this calculation is triggered on every client request, you may not want to log all of that. - D_Tech_19468Posted By Kevin Stewart on 07/03/2013 05:29 AM
I didn't ~exactly write it to your specifications. ;) The above iRule is based on weeks of the year (1-52). The "%W" means the week of the year starting on Monday, so every Monday the value would cycle (next week). We'll take the modulus 4 of that number to get a value between 0 and 3. Example:
Week = Value
1 = 1
2 = 2
3 = 3
4 = 0
5 = 1
6 = 2
...
50 = 2
51 = 3
52 = 0
A few additional points:
1. This runs on every client request (CLIENT_ACCEPTED or HTTP_REQUEST). Also consider that at midnight on Sunday, should someone be in an active session, the snat/snatpool would change. I'm not 100% certain what the affect of that would be mid-session.
2. This is a VIP-global setting, so when you say "server A using using snatpool A", understand that the snat/snatpool is applied to all servers in the pool.
3. It's still possible to get it to rotate on a Wednesday, but would require a little extra work.
4. Because this calculation is triggered on every client request, you may not want to log all of that.
Hi Kevin,Thanks for your reply.
I roughly have some idea about this.
I had wrote a iRule myself but i am not sure is workable or not? Perhaps you can help me to review?
It means, snatpool will take effect on 1 week - Monday, with NAT_A_pool, but i am not sure tuesday, wednesday... until next week - Monday will stick to NAT_A_pool
if {[IP::client_addr [IP::client_addr] equals 192.168.1.1] {
set FixDate "Monday"
set TodayWeekDay [split [clock format [clock seconds] -format {%A}]
set CurDay [split [clock format [clock seconds] -format {%e}]
set CurTime [clock seconds]
set FixTime [clock scan {12:00}]
set x [CurDay - 1]
if {(TodayWeekDay equals "$FixDate") && (CurTime equals FixTime)} {
if {(x equals 0 >= 6) {
snatpool NAT_A_pool
pool Default_A_GW
elseif {(x equals 7 >= 13) {
snatpool NAT_B_pool
pool Default_B_GW
elseif {(x equals 14 >= 20) {
snatpool NAT_A_pool
pool Default_A_GW
else
snatpool NAT_B_pool
pool Default_B_GW
else {if {(x equals 0 >= 6) {
snatpool NAT_A_pool
pool Default_A_GW
elseif {(x equals 7 >= 13) {
snatpool NAT_B_pool
pool Default_B_GW
elseif {(x equals 14 >= 20) {
snatpool NAT_A_pool
pool Default_A_GW
else
snatpool NAT_B_pool
pool Default_B_GW
}
} - Kevin_StewartThe example I gave would change the week number every Monday, and subsequently the snat/snatpool. So from Monday to Sunday the week and snat/snatpool would be the same. You can also change the pool by adding pool names as separate static variables, or put all of it into data groups.
