Forum Discussion
monica_74227
Nimbostratus
Nimbostratushow about this iRule ?
hey guys,
Could you help me to check this iRule, I don't know if it does work well ? Many thanks!
when CLIENT_ACCEPTED {
if { [ matchclass [IP::client_addr] equals $::mail_internal_class ] } {
pool mail_gateway_pool
}
else {
pool default_gateway_pool
}
}
when LB_SELECTED {
if {[IP::addr [LB::server addr] equals 222.35.42.126] and [IP::addr [IP::client_addr] equals 172.16.1.11] } {
snatpool snat_crt_test2
} elseif {[IP::addr [LB::server addr] equals 221.218.248.155] and [IP::addr [IP::client_addr] equals 172.16.1.11] } {
snatpool snat_uni_test2
} elseif {[IP::addr [LB::server addr] equals 222.35.42.126] and [IP::addr [IP::client_addr] equals 172.16.1.13] } {
snatpool snat_crt_test1
} elseif {[IP::addr [LB::server addr] equals 221.218.248.155] and [IP::addr [IP::client_addr] equals 172.16.1.13] } {
snatpool snat_uni_test1
} elseif {[IP::addr [LB::server addr] equals 222.35.42.126] and [IP::addr [IP::client_addr] equals 172.16.1.20] } {
snatpool snat_crt_test4
} elseif {[IP::addr [LB::server addr] equals 221.218.248.155] and [IP::addr [IP::client_addr] equals 172.16.1.20] } {
snatpool snat_uni_test4
} elseif {[IP::addr [LB::server addr] equals 222.35.42.126] and [IP::addr [IP::client_addr] equals 172.16.1.16] } {
snatpool snat_crt_sms
} elseif {[IP::addr [LB::server addr] equals 221.218.248.155] and [IP::addr [IP::client_addr] equals 172.16.1.16] } {
snatpool snat_uni_sms
} elseif {[IP::addr [LB::server addr] equals 222.35.42.126] and [IP::addr [IP::client_addr] equals 172.16.1.25] } {
snatpool snat_crt_mail
} elseif {[IP::addr [LB::server addr] equals 221.218.248.155] and [IP::addr [IP::client_addr] equals 172.16.1.25] } {
snatpool snat_uni_mail
} elseif {[IP::addr [LB::server addr] equals 222.35.42.126] } {
snatpool snat_crt_pool
} elseif {[IP::addr [LB::server addr] equals 221.218.248.155] } {
snatpool snat_uni_pool
} else {
snat automap
}
}
hoolioCirrostratus
That is a lot of possible evalutions if there aren't any matches or the match for a particular connection is late in the list. You might try combining a few of the checks together to reduce the number of IP checks you're doing.
For example, you could replace this:if {[IP::addr [LB::server addr] equals 222.35.42.126] and [IP::addr [IP::client_addr] equals 172.16.1.11] } { snatpool snat_crt_test2 } elseif {[IP::addr [LB::server addr] equals 221.218.248.155] and [IP::addr [IP::client_addr] equals 172.16.1.11] } { snatpool snat_uni_test2 }
with this:if {[IP::addr [IP::client_addr] equals 172.16.1.11] }{ if {[IP::addr [LB::server addr] equals 222.35.42.126] }{ snatpool snat_crt_test2 } elseif {[IP::addr [LB::server addr] equals 221.218.248.155]} { snatpool snat_uni_test2 } }
Aaron
monica_74227
Aaron, I apreciate your help!
I don't know if the last two sentences could work ?
thanks!- hoolioHi Monica,
I edited my last post as I originally thought both cases were using the same SNAT pool. The updated version should work though.
Aaron - monica_74227hey Aaron,
I am sorry that i don't understand your mean.
my querstion is that i don't know if this iRule could work, expecially the combine the forllowing:
....} elseif {[IP::addr [LB::server addr] equals 222.35.42.126] } {
snatpool snat_crt_pool
} elseif {[IP::addr [LB::server addr] equals 221.218.248.155] } {
snatpool snat_uni_pool
}
......
Thank you! - hoolioHi Monica,
Sorry, I'm not sure what your question is. The iRule syntax should work fine.
Can you try testing it?
Thanks,
Aaron - monica_74227Hey Aaron,
Thank you for your help! I could set up test environment next week.
I have optimized the iRule again, could you help me to correct it, i don't if there are something wrong with the iRule syntax ? Thanks!!!
when CLIENT_ACCEPTED {
if { [ matchclass [IP::client_addr] equals $::mail_internal_class ] } {
pool mail_gateway_pool
}
else {
pool default_gateway_pool
}
}
when LB_SELECTED {
switch {IP::addr [LB::server addr]}
{
222.35.42.126 {
switch {IP::addr [IP::client_addr]} {
192.168.3.11 { snatpool snat_crt_test2 }
192.168.3.13 { snatpool snat_crt_test1 }
192.168.3.20 { snatpool snat_crt_test4 }
192.168.3.16 { snatpool snat_crt_sms }
192.168.3.25 { snatpool snat_crt_mail }
default { snatpool snat_crt_pool }
}
}
221.218.248.155 {
switch {IP::addr [IP::client_addr]} {
192.168.3.11 { snatpool snat_uni_test2 }
192.168.3.13 { snatpool snat_uni_test1 }
192.168.3.20 { snatpool snat_uni_test4 }
192.168.3.16 { snatpool snat_uni_sms }
192.168.3.25 { snatpool snat_uni_mail }
default { snatpool snat_uni_pool }
}
}
default { snat automap }
}
} - hoolioThat looks good. One small correct: when using switch you can use the following format:
switch [IP::client_addr] { "case 1" { } ...
So here is an update:when CLIENT_ACCEPTED { if { [ matchclass [IP::client_addr] equals $::mail_internal_class ] } { pool mail_gateway_pool } else { pool default_gateway_pool } } when LB_SELECTED { switch [LB::server addr] { 222.35.42.126 { switch [IP::client_addr] { 192.168.3.11 { snatpool snat_crt_test2 } 192.168.3.13 { snatpool snat_crt_test1 } 192.168.3.20 { snatpool snat_crt_test4 } 192.168.3.16 { snatpool snat_crt_sms } 192.168.3.25 { snatpool snat_crt_mail } default { snatpool snat_crt_pool } } } 221.218.248.155 { switch [IP::client_addr] { 192.168.3.11 { snatpool snat_uni_test2 } 192.168.3.13 { snatpool snat_uni_test1 } 192.168.3.20 { snatpool snat_uni_test4 } 192.168.3.16 { snatpool snat_uni_sms } 192.168.3.25 { snatpool snat_uni_mail } default { snatpool snat_uni_pool } } } default { snat automap } } }
Aaron - monica_74227okay, many thanks!
- Drop the $:: from your mail_internal_class might be a good idea too
- monica_74227hey Aaron,
I have tested this irule, however it does't work now. all of the client's item math the last sentence " snat automap", could you help correct it ? thanks
when CLIENT_ACCEPTED {
if { [ matchclass [IP::client_addr] equals $::mail_internal_class ] } {
pool mail_gateway_pool
} else {
pool default_gateway_pool
}
}
when LB_SELECTED {
switch {IP::addr [LB::server addr]} {
222.35.42.126 {
switch {IP::addr [IP::client_addr]} {
192.168.3.11 { snatpool snatpool_crt_rd2 }
192.168.3.13 { snatpool snatpool_crt_rd1 }
192.168.3.20 { snatpool snatpool_crt_rd4 }
192.168.3.16 { snatpool snatpool_crt_sms }
192.168.3.25 { snatpool snatpool_crt_mail }
default { snatpool snatpool_crt_default }
}
}
221.218.248.155 {
switch {IP::addr [IP::client_addr]} {
192.168.3.11 { snatpool snatpool_uni_rd2 }
192.168.3.13 { snatpool snatpool_uni_rd1 }
192.168.3.20 { snatpool snatpool_uni_rd4 }
192.168.3.16 { snatpool snatpool_uni_sms }
192.168.3.25 { snatpool snatpool_uni_mail }
default { snatpool snatpool_uni_default }
}
}
default { snat automap }
}
}
