How iRule works when a persistence adapted?

Question

I want the HTTP access depend on uri and IPaddress.(LTM version 11.5.1)
For specific client ipaddress(data group list CCclient), I want it access to poolB, others to poolA or 404 resopond.
But maybe because of persistence setting(source_addr(X-True-IP)), it doesn't access to poolB.
IPaddress restriction seems adapted.
How can I ignore only when the access uri is "test.xml"?
The below iRule is adapted to VS test_server which has the pool A. 
when HTTP_REQUEST {
if { [HTTP::header exists "X-True-IP"] } {
set clientip [HTTP::header "X-True-IP"]
} else {
set clientip [IP::client_addr]
}
set uri [ string tolower [HTTP::uri]]
if { $uri contains "/test.xml" } then { 
if { ([class match $clientip equals CCclient]) } then {

pool B

} else {

HTTP::respond 404 content "404 File Not Found"

}

}
if { $uri contains "ref=trust" } {
pool B
} else {
pool A
}
}

kevin_stewart · Answer

You maybe have some conflicting logic here. At the very least I'd suggest inserting some logging to see how things are really being handled.
when HTTP_REQUEST {
    if { [HTTP::header exists "X-True-IP"] } {
        set clientip [HTTP::header "X-True-IP"]
    } else {
        set clientip [IP::client_addr]
    }
    set uri [string tolower [HTTP::uri]]
    if { $uri contains "/test.xml" } then {
        if { ( [class match $clientip equals CCclient] ) } then {
            log local0. "uri contains /text.xml - sending to pool B"
            pool B
        } else {
            log local0. "sending 404 response"
            HTTP::respond 404 content "404 File Not Found"
        }
    }
    if { $uri contains "ref=trust" } {
        log local0. "uri contains ref=trust - sending to pool B"
        pool B
    } else {
        log local0. uri doesn't contain ref=trust - sending to pool A"
        pool A
    }
}

So basically, for it to go to pool B, the request URI has to contain "/test.xml" AND "ref=trust", and the IP has to be in the data group.

tyranon_113005 · Answer

Dear Kevin-san,&nbsp;
Thank you for your reply.&nbsp;
I will set logging.&nbsp;
BTW, in this case, when parsistence and iRule is adapted to VS, which does take priprity?&nbsp;

kevin_stewart · Answer

It depends, but usually the iRule.&nbsp;

Forum Discussion

How iRule works when a persistence adapted?

Recent Discussions

F5 BIG-IP

BIG-IP Oauth Client and AS

How to Renew F5 Device Certificate

Use of SSL Decryption.

Big IP DNS Failover

Related Content

Adaptive Apps: Multi-Cluster K8S Workload Migration and Failover Resiliency - Solution Demo

Adaptive Apps: Replicate & deploy WAF application security policies across F5's security portfolio

XFF Universal Persistence iRule

Adaptive Apps: Automating NGINX Solution Deployments and API Publication - Solution Demo

Adaptive Apps: Identify underlying issues in a complex app portfolio - Demo Kit

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS