For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

dylanlee1982_17's avatar
dylanlee1982_17
Icon for Nimbostratus rankNimbostratus
Dec 18, 2014

IP based irule

Hi, I am currently deploying LTM with Bluecoat cache servers in my customers network. The ADC has two gateway routers connected and those routers have different NAT pools, so packets from outside n...
application delivery
devops
iRules
Michael_Jenkins's avatar
Michael_Jenkins
Icon for Cirrostratus rankCirrostratus
Dec 18, 2014

One thing that may be helpful to at least see what's happening in the iRule would be to add some logging. That will let you know what's actually going on. Is this an HTTP request, or something different (what port is being used)? If HTTP, you should set the pool in HTTP_REQUEST instead or CLIENT_ACCEPTED. Then you can check the ltm logs and see what's happening.

when CLIENT_ACCEPTED {
    log local0. "Client IP: [IP::remote_addr]"
    if { [IP::addr [IP::remote_addr] equals X.X.X.0/25] || [IP::addr [IP::remote_addr] equals Y.Y.Y.0/25]} {
        log local0. "  Setting pool p_pe_01"
        pool p_pe_01
    } elseif { [IP::addr [IP::remote_addr] equals X.X.X.128/25] || [IP::addr [IP::remote_addr] equals Y.Y.Y.128/25]} {
        log local0. "  Setting pool p_pe_02"
        pool p_pe_02
    } else {
        log local0. "  Setting pool p_gw"
        pool p_gw
    }
}