Forum Discussion
NimbostratusiRULE execution order with data groups
Hello,
I have an iRULE like the one below, what would be the outcome if user with ip 192.168.168.168 accessed http://testserver2.abc.com
when HTTP_REQUEST{ switch -glob[string tolower [HTTP:host]]{ testserver1.abc.com{pool testserver1} testserver2.abc.com {pool testserver2} } if { [class match [IP:client_addr] equals external_users]} { pool testserver3 } }
ltm data-group external /Common/external_users{ records{ 192.168.168.0/24{} } type ip }
JGCumulonimbus
The last pool member selection wins, i.e. 192.168.168.168 gets testserver3.
It would be better if you let us know what you are trying to achieve.
youssef1Hi,
First of you have this condition:
switch -glob [string tolower [HTTP:host]]{ testserver1.abc.com{pool testserver1} testserver2.abc.com {pool testserver2} }Depending the hostname that you enter, you will FW to a specific pool
- if hostname is testserver1.abc.com, you will forward to pool testserver1
- if hostname is testserver2.abc.com, you will forward to pool testserver3
Then you have an additional condition:
if { [class match [IP:client_addr] equals external_users]} { pool testserver3 }If you source IP is contain in the DG external_users as it happens "192.168.168.0/24" you will forward to pool testserver3.
In your case you enter the followin url http://testserver2.abc.com with source IP 192.168.168.168.
- So you will match first condition an your pool is set to testserver2
- but you match second condition due to your source IP and your pool it is finally configured to testserver3
Regards