How to route public IP addresses to a different pool?

Question

We've got a Big-IP LTM that I setup to load balance application traffic to a pool of servers. This application is getting traffic from public IP ranges and private IP ranges. When we make changes to the app, we like to send public IP addresses to a maintenance page while allowing our private IP addresses to continue hitting the normal virtual server pool. What is the easiest way to do this with the F5? So far we have simply been pointing our external DNS to a different IP address altogether which allows our internal DNS to continue as-is. I tried looking into doing this with an iRule script, however, I have no experience with iRules.&nbsp;
Thanks!&nbsp;

only1masterbla1 · Answer

DNS change is a good approach. However, if users have VIP address, DNS change may not work as expected. You may use iRule like this. Syntax has not been checked.

Code

create datagroup allowedIntenalhosts with allowed internal IP addresses

when HTTP_REQUEST {

if { [class match [IP::client_addr] equals "allowedIntenalhosts"} {

business as usual

} else { send sorry page or may redirect HTTP::respond 403 content "sorry, this service is currently under maintenance" } }

Forum Discussion

How to route public IP addresses to a different pool?

Recent Discussions

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Submenus missing in ASM Security Tab

XC Bot defense question

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

NetScaler to F5 Migration

Related Content

Public IP address display

Enriching AFM with public domain Threat Intelligence

Learn How to Apply F5 Distributed Cloud WAAP with GKE via a Public GCP IP Address

Public Cloud Simplified with F5 NGINXaaS for Azure

SSLO in public cloud: Azure inbound L3 use case

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS