Forum Discussion
NimbostratusiRule help for Single Node/URL Persistance across Pool.
Admitedlly, I have little to no experience with iRule creation. I've persued the vast amount of information on the site, and truthfully it will take me a while to get comfortable with iRules, but deadlines are deadlines.
I need help creating an iRule that will allow anyone (outside of the network) attempting to request a specific URL string (i.e https://site.company.com/connect/login.aspx) to pass through the load balancer to the pool of webservers and communicate to only 1 of the webservers in said pool.
https://site.company.com is available publicly, but a 3rd party vendor has installed a plugin on one of the webservers and needs constant communication to this URL string for polling/uptime data. I'm confident this is something I can do with the F5-1500's i currently have and really don't want to blow a public IP just for this purpose.
As always, your help would be greatly appreciated. Also, for any MVP or iRule rockstar who is interested in some side work regarding the my F5, contact me offline or send me a direct message.
Best,
Harry.
15 Replies
What_Lies_Bene1Cirrostratus
OK, so we can identify that client based on the URI requested? If not, how can we?
Harry_Singh_105Thanks for the reply Steve.
I've spoken with the 3rd party vendor and they have indicated that they initiate the traffic/request from their web farm over port 80. They need direct access to a sub-virtual directory installed on 1 of the webservers which is part of a pool that is already serving up pages both internally and externally.
The main page that everyone is using right now is https://site.company.com.
The new page that the vendor needs direct communication with is https://site.company.com/connect/login.aspx.
The /connect virtual directory and respective files only exists on 1 of the webservers (in a pool of 5).
I'm stuck with creating the right syntax to forward, if you will, anyone requesting that specific URL to direct that request to the one weberver and of course that webserver talking back out.
I hope that makes sense and if you need specific information about my config, let me know.
Harry.
- What_Lies_Bene1OK, no problem, thanks. This should do it;
when HTTP_REQUEST { if { [string tolower [HTTP::uri]] equals "/common" } { pool ‘pool_name’ member x.x.x.x XX } } - Harry_Singh_105Thanks steve!
I suppose if the request comes in as HTTPS, i would change the HTTP references accordingly ? - What_Lies_Bene1
You're welcome. Are you terminating the SSL? If so, no change is required. If not, the iRule won't work anyway.
- Harry_Singh_105By terminating SSL, do you mean if I've installed the certificates on the F5? Now that I type it out, yes SSL terminates at the f5.
- Harry_Singh_105FWIW, I have two separate pools setup one for http and https for the same set of webservers.
- What_Lies_Bene1OK, that's cool. The same iRule will work with both Virtual Servers no problem, no need to change anything as long as a HTTP profile is assigned to both.
- Harry_Singh_105Thanks Steve. Both VS's are using the same HTTP profile. I will look to apply the configured iRule in place right now. Thanks again for your prompt replies.
- What_Lies_Bene1Great. You're very welcome.
