Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

craddockchris's avatar
craddockchris
Icon for Altocumulus rankAltocumulus
Apr 22, 2024

iRule assistance

Dear community, Could someone provide me with an example of an iRule that does the following:   I would like to have a single inbound VIP for API calls. These calls could go to one of 2 Pools depe...
devops
candc's avatar
candc
Icon for Cirrus rankCirrus
Apr 22, 2024

At its simplest...

when HTTP_REQUEST {
    switch -glob -- [string tolower [HTTP::uri]] {
        "/thing-a/*" { pool "apiPoolA" }
        "/thing-b/*" { pool "apiPoolB" }
        default { HTTP::respond 400 content "Unsupported URI" noserver }
    }
}

i.e., in the HTTP_REQUEST event, read the URI, convert it to lower-case (for easier comparing) and compare it to one or more simple patterns

If the URI starts with /thing-a/, forward to one specific backend pool; if it starts with /thing-b/, forward to another.

If the URI does not match either of those patterns, respond with a basic HTTP error message.

Note that, to the BIGIP, the term "URI" means "the path and querystring".  If you actually want just the path, try [HTTP::path]; if you want the hostname, try [HTTP::host]; or if you want both, consider "[HTTP::host][HTTP::uri]".

If you need the scheme (i.e. if it is HTTP or HTTPS), it can be a little trickier.  Possibly [expr { [PROFILE::exists clientssl] ? "https" : "http" }].