Forum Discussion

Sulabh_Srivasta's avatar
Apr 30, 2021

Help for setting policy /iRule

Hello All,

I have a scenario where I have to use only one HTTPS Virtual server for multiple applications listening on different ports on different node, for example:

There are 3 servers , Node_X, Node_Y, Node_Z and VIP resolve to ww.abc.com

 

https://www.abc.com/core ----> https://Node_X:10004/core/

https://www.abc.com/service ----> https://Node_X:10004/service/

 

https://www.abc.com/ims ----> https://Node_X:10009/ims/

 

https://www.abc.com/portal ----> https://:Node_Y:10005/portal/

 

https://www.abc.com/ords----> https://Node_Z:10008/ords/

 

I created 4 pools as below but didn't attach any pool to the Virtual server:

Pool_X for Node_X - port 10004

Pool_X1 for Node_X - port 10009

Pool_Y for Node_Y - port 10005

Pool_Z for Node_Z - port 10008

 

I am using the following iRule but is is not working, please help how can I achieve this ?? Can I use policy or re-write policy ??

 

when HTTP_REQUEST {

 if { [HTTP::uri] starts_with "/core" } {

    use pool Pool_X

  } elseif { [HTTP::uri] starts_with "/service" } {

    use pool Pool_X

} elseif } [HTTP::uri] starts_with "/ims" } {

    use pool Pool_X1

} elseif { [HTTP::uri] starts_with "/portal" } {

    use pool Pool_Y

} elseif { [HTTP::uri] starts_with "/ords" } {

    use pool Pool_Z

  }

}

  • Hi Sulabh Srivastana,

    Remove use command.

    when HTTP_REQUEST {
    	if { [HTTP::uri] starts_with "/core" } {
    		pool Pool_X
    	} elseif { [HTTP::uri] starts_with "/service" } {
    		pool Pool_X
    	} elseif { [HTTP::uri] starts_with "/ims" } {
    		pool Pool_X1
    	} elseif { [HTTP::uri] starts_with "/portal" } {
    		pool Pool_Y
    	} elseif { [HTTP::uri] starts_with "/ords" } {
    		pool Pool_Z
    	}
    }

    switch version:

    when HTTP_REQUEST {
    	switch -glob [HTTP::uri] {
    		"/core*" -
    		"/service*" { pool Pool_X }
    		"/ims*" { pool Pool_X1 }
    		"/portal*" { pool Pool_Y }
    		"/ords*" { pool Pool_Z }
    	}
    }

    without using pool:

    when HTTP_REQUEST {
    	switch -glob [HTTP::uri] {
    		"/core*" -
    		"/service*" { node 1.2.3.4 10004 }
    		"/ims*" { node 1.2.3.4 10009 }
    		"/portal*" { node 5.6.7.8 10006 }
    		"/ords*" { node 9.10.11.12 10008 }
    	}
    }
  • Hi Sulabh Srivastana,

    Remove use command.

    when HTTP_REQUEST {
    	if { [HTTP::uri] starts_with "/core" } {
    		pool Pool_X
    	} elseif { [HTTP::uri] starts_with "/service" } {
    		pool Pool_X
    	} elseif { [HTTP::uri] starts_with "/ims" } {
    		pool Pool_X1
    	} elseif { [HTTP::uri] starts_with "/portal" } {
    		pool Pool_Y
    	} elseif { [HTTP::uri] starts_with "/ords" } {
    		pool Pool_Z
    	}
    }

    switch version:

    when HTTP_REQUEST {
    	switch -glob [HTTP::uri] {
    		"/core*" -
    		"/service*" { pool Pool_X }
    		"/ims*" { pool Pool_X1 }
    		"/portal*" { pool Pool_Y }
    		"/ords*" { pool Pool_Z }
    	}
    }

    without using pool:

    when HTTP_REQUEST {
    	switch -glob [HTTP::uri] {
    		"/core*" -
    		"/service*" { node 1.2.3.4 10004 }
    		"/ims*" { node 1.2.3.4 10009 }
    		"/portal*" { node 5.6.7.8 10006 }
    		"/ords*" { node 9.10.11.12 10008 }
    	}
    }
  • Hi Enes,

     

    Thanks for your response, I tried but none of the given solution is working. Please let me know if I am missing something.

     

    • Enes_Afsin_Al's avatar
      Enes_Afsin_Al
      Icon for MVP rankMVP

      Hi,

      when HTTP_REQUEST {
      	log local0. "requri0: [HTTP::uri] - cip: [IP::client_addr]"
      	if { [HTTP::uri] starts_with "/core" } {
      		log local0. "requri1: [HTTP::uri] - cip: [IP::client_addr]"
      		pool Pool_X
      	} elseif { [HTTP::uri] starts_with "/service" } {
      		log local0. "requri2: [HTTP::uri] - cip: [IP::client_addr]"
      		pool Pool_X
      	} elseif { [HTTP::uri] starts_with "/ims" } {
      		log local0. "requri3: [HTTP::uri] - cip: [IP::client_addr]"
      		pool Pool_X1
      	} elseif { [HTTP::uri] starts_with "/portal" } {
      		log local0. "requri4: [HTTP::uri] - cip: [IP::client_addr]"
      		pool Pool_Y
      	} elseif { [HTTP::uri] starts_with "/ords" } {
      		log local0. "requri5: [HTTP::uri] - cip: [IP::client_addr]"
      		pool Pool_Z
      	}
      }

      Can you investigate the logs on cli and pool stats on gui?

      tailf /var/log/ltm | grep requri
  • I can see client IP as my IP (I am the tester) and SNAT IP, the iRule is being executed but traffic is not hitting the pool, no hits on pool.