
Forum Discussion

Ben_Wilson_2412
Jul 11, 2014

Disable port translation in an iRule, or "node" usage

Hi,

I'm trying to create a VIP that handles HTTP, HTTPS and a TCP port range.

I was hoping to create a "wildcard" VIP, then pick pools based on an iRule.

Port 80 and 443 requests go to the port 80 pool, the 20200-20272 pool, preserving the requested port

The problem I'm having is the "node" command is doing what I expect. Requests are still going to port 80 on the pool members.

Is there a way to disable port translation with an iRule?

See something else wrong with what I'm trying? Wrong event maybe?

b rule lvstrn-pools '{
   when CLIENT_ACCEPTED {
      set DEBUG 1
      # switch -regexp patterns are unanchored, so each one is anchored with ^ and $
      switch -regexp [TCP::local_port] {
        "^80$" {
           if {$DEBUG} {log local0. "Port 80 request"}
           SSL::disable clientside
           pool lvstrn.80
        }
        "^443$" {
           if {$DEBUG} {log local0. "Port 443 request"}
           pool lvstrn.80
        }
        "^202([0-6][0-9]|7[0-2])$" {
           SSL::disable clientside
           pool lvstrn.80
        }
        default {
           reject
        }
      }
   }
   when LB_SELECTED  {
      set DEBUG 1
      # Same anchored pattern for ports 20200-20272 as in CLIENT_ACCEPTED
      switch -regexp [TCP::local_port] {
        "^202([0-6][0-9]|7[0-2])$" {
           scan [LB::server addr] {%[^%]%%%s} server_ip rdomain
           if {$DEBUG} {log local0. "LB server $server_ip selected for port [TCP::local_port] "}
           node $server_ip [TCP::local_port]
        }
      }
   }
}'

Thanks!

Ben

1 Reply

  • You should be able to 1) create an any port pool, and 2) use the translate port disable command. With that you also shouldn't need the LB_SELECTED event.

    when CLIENT_ACCEPTED {
        set DEBUG 1
        # switch -regexp patterns are unanchored, so each one is anchored with ^ and $
        switch -regexp [TCP::local_port] {
            "^80$" {
                if {$DEBUG} {log local0. "Port 80 request"}
                SSL::disable clientside
                pool lvstrn.80
            }
            "^443$" {
                if {$DEBUG} {log local0. "Port 443 request"}
                pool lvstrn.80
            }
            "^202([0-6][0-9]|7[0-2])$" {
                if {$DEBUG} {log local0. "Port 202XX request"}
                SSL::disable clientside
                pool lvstrn.any
                translate port disable
            }
            default {
                reject
            }
        }
    }
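
On a wildcard virtual server the `switch -regexp` patterns decide which destination ports are forwarded at all, and `switch -regexp` matches anywhere in the string, so unanchored patterns such as "80", "443" and "202[00-72]" also accept ports like 8080, 4443 and 20273. The following is an added example, not part of the original thread; it runs in plain tclsh (8.5 or later assumed, no BIG-IP needed) and compares unanchored and anchored patterns over every port. The proc names are hypothetical.

```tcl
# Added example: which ports does each pattern set let through?
# classify_loose and classify_strict are hypothetical names.

proc classify_loose {port} {
    # Unanchored patterns: a match anywhere in the port string counts.
    switch -regexp -- $port {
        "80"         { return http }
        "443"        { return https }
        "202[00-72]" { return range }
        default      { return reject }
    }
}

proc classify_strict {port} {
    # Anchored patterns with an explicit 20200-20272 range.
    switch -regexp -- $port {
        "^80$"                     { return http }
        "^443$"                    { return https }
        "^202([0-6][0-9]|7[0-2])$" { return range }
        default                    { return reject }
    }
}

# Ports the virtual server is meant to serve.
set intended [list 80 443]
for {set p 20200} {$p <= 20272} {incr p} { lappend intended $p }

# The anchored set must still accept every intended port.
foreach p $intended {
    if {[classify_strict $p] eq "reject"} {
        error "anchored patterns reject intended port $p"
    }
}

# Collect every other port that is not rejected.
set loose_extra {}
set strict_extra {}
for {set p 1} {$p <= 65535} {incr p} {
    if {$p in $intended} { continue }
    if {[classify_loose $p] ne "reject"}  { lappend loose_extra $p }
    if {[classify_strict $p] ne "reject"} { lappend strict_extra $p }
}

puts "unintended ports accepted, unanchored: [llength $loose_extra]"
puts "  first few: [lrange $loose_extra 0 9]"
puts "unintended ports accepted, anchored:   [llength $strict_extra]"
```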