Forum Discussion

KaiTT's avatar
Icon for Nimbostratus rankNimbostratus
Feb 17, 2021


I would like to configure iRule as below.


1) Configure to use the "VS_Any_Bypass" virtual server when the pool member is down

2) When IP addresses are added to the Data Group List, configure only those IP addresses to use the "VS_Any_Bypass" virtual server.


I made a sample policy, but I don't know if it's accurate.


when LB_FAILED {

if { ([active_members Pool_WAF] < 1) or ([class match [IP::client_addr] equals bypass-sip]) } {



virtual VS_Any_Bypass





*Pool_WAF : Pool member

*bypass-sip : Data Group List


The type of virtual server to which this ireule is added is performance L4.



1 Reply

  • it might not be the answer you are hoping for, but have you tried?

    if you can't because of chance of disruption then try on a test virtual server. but even without attaching creating the iRule will at least do some syntax checking and determine if certain commands are allowed in certain events.

    if you can't try have you searched the iRule clouddocs page?

    throws up some interesting info: Note: The LB_FAILED event is not triggered for Performance L4 virtual servers. There is an enhancement request to add this in BZ341776. Contact F5 Support for additional information.

    seems to indicate that just LB::reselect selects the next pool member, which doesnt exist, so at least it has be be

    LB::reselect virtual VS_Any_Bypass