For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Joe_Curl_105786's avatar
Joe_Curl_105786
Icon for Nimbostratus rankNimbostratus
Feb 07, 2014

HTTP Redirect When Pool is down

I would like to craft an iRule that detects the pool assigned to the VIP has all members down. When it is down then do an http redirect to our site down web server. I have rules in place where I call a specific pool in the rule, but I would like to make it more generic so that I can apply it to any VIP without having a rule for every VIP. I posted an example of what we have been doing up to this point. Thanks.

 

when HTTP_REQUEST { if { [active_members RSAGA-Juniper-Pool-Prod] < 1 or [active_members RSAGA-Juniper-Radius-Pool-Prod] < 1 } { HTTP::redirect "http://frdcsd.app.medcity.net/vdi/" }

 

}

 

application delivery
design
devops
iRules

14 Replies

Show More
  • Torti's avatar
    Torti
    Icon for Cirrus rankCirrus
    Feb 11, 2014

    there are many ways to rome ;-)

     

    if you do a lot of irule stuff, I would say, it is more efficient to check for a reachable backend before. So you can save some resources on f5. Especially, if you running ASM, too.

     

    So, the request will be blocked at the beginning and will not run through a security policy before it get an redirect. But Im not 100% shure, if the security policies comes before LB_FAILED. I didn't find a picture over all the events, only this nice one:

     

    event order

     

    But I agree, LB_Failed is much more powerful than a simple pool member check.

     

  • Joe_Curl_105786's avatar
    Joe_Curl_105786
    Icon for Nimbostratus rankNimbostratus
    Feb 11, 2014

    I am actually trying the LB_FAILED. It gives me a generic rule I can deploy on a high number of VIPS, and it also allows for a more efficient iRule.