Forum Discussion
F5 iRule for persistence with header and source address persistence as fallback
Hello,
I'm not so good in iRules, but maybe someone can give me some examples, I have an VS for more than one service with an iRule like this below
when HTTP_REQUEST {
if {[string tolower [HTTP::host]] starts_with "company.com"}{
if {[string tolower [HTTP::uri]] starts_with "/human"}{
pool "pool_human"
} elseif {[string tolower [HTTP::uri]] starts_with "/body"}{
pool "pool_body"
} elseif {[string tolower [HTTP::uri]] starts_with "/dev"}{
pool "pool_dev"
}
}
}
so now I want to integrate in this iRule a decision, for the /body should be an header persistence active, for example the request arrives with header1 it should persist to node1 in the pool_body and with header2 it should persist to node2 in the pool_body. If is header 1 and 2 not present he should use source address persistence as fallback persistence. Is that possible ? Could someone show me an example how could I the existing iRule extend with my requirement ?
thx
kind regards
Hi eLeCtRoN ,
I have a bit poor environment to test my script for you , so sorry for that.
I have written this script for your case , Find it :when HTTP_REQUEST { if {[string tolower [HTTP::host]] starts_with "company.com"}{ if {[string tolower [HTTP::uri]] starts_with "/human"}{ pool "pool_human" } elseif { [string tolower [HTTP::uri]] starts_with "/body"}{ if {[HTTP::header "xxx"] contains "header_1"}{ pool "pool_body" member 10.10.10.10 80 } elseif {[HTTP::header "xxx"] contains "header_2"}{ pool "pool_body" member 10.10.10.20 80 } else { pool "pool_body" persist source_addr 255.255.255.255 3600 } } elseif {[string tolower [HTTP::uri]] starts_with "/dev"}{ pool "pool_dev" } } }
> For "/body" conditions , I have added a new loop For pool members selections and persistence as well.
> I assume you have a header "xxx" and should contain "header_1" or "header_2" to select one of pool_members
( 10.10.10.10:80) or (10.10.10.20:80) are for examples to test the validity of my iRule script , you need to change both of them to " Pool_body" members ips and port , okay?
> this line ( persist source_addr 255.255.255.255 3600 ) to make source address affinity persistence as a fallback ip the the first and second conditions fails , Mask " 255.255.255.255 " is to make persistence by ip not subnet , you can specify subnet if you need that , Also "3600" attribute means the duration that Big-ip stores the source ip in persistence record table .
try it and give me your feedback , I will try to simulate this environment on my lab to see.
> I recommend that you perform it in a test virtual server and take Packet capure to see if iRule does its job or not.
RegardseLeCtRoN ,
> The First iRule I sent , it depends on you have a specific header but has two values (header_1 & header 2 )
So persistence will take effect based on this.
> But when I read you request now , I thind you meant by ( header_1 & header_2) that they are header names that coming in requests not values , So that I have modified it to this iRule script :when HTTP_REQUEST { if {[string tolower [HTTP::host]] starts_with "company.com"}{ if {[string tolower [HTTP::uri]] starts_with "/human"}{ pool "pool_human" } elseif { [string tolower [HTTP::uri]] starts_with "/body"}{ if {[HTTP::header exists "header_1"] }{ pool "pool_body" member 10.10.10.10 80 } elseif {[HTTP::header exists "header_2"]}{ pool "pool_body" member 10.10.10.20 80 } else { pool "pool_body" persist source_addr 255.255.255.255 3600 } } elseif {[string tolower [HTTP::uri]] starts_with "/dev"}{ pool "pool_dev" } } }
Try it , also I am implementing a simulated Lab to test it.
Hope it helps you.
- eLeCtRoNCirrus
Hi Mohamed,
thx for your example, I can test it in the end of this week. If I have an feedback for you I let you know.
kind regards
eLeCtRoN ,
Thanks , I hope it work with you.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com