Forum Discussion

iruleyourulewerule's avatar
iruleyourulewerule
Icon for Nimbostratus rankNimbostratus
Apr 08, 2025

iRule not executing on HTTP requests from internal network

Hi,

I have a BIG-IP VE machine running as an AWS EC2 instance, and I have encountered some behavior I can't understand.

I have a virtual server with an HTTP profile, with an iRule applied to it.

When I send HTTP requests to this virtual server, the iRule runs as expected. However when I send requests from other EC2 VMs in the same AWS VPC, I do get the expected HTTP response as the client, but the iRule does not run (I added logs to the iRule to make sure of this). Both the BIG-IP instance and the VM I'm sending the requests from are also sitting in a single subnet, with private IPs in the 172.31.x.x range.

 

What is causing this and how can I make the iRule always run?

3 Replies

  • Do you have other VS on the same BIG IP?

    Might be requests from EC2 match another VS?

    Have you done a tcpdump to ensure you are matching the expected VS?

    • iruleyourulewerule's avatar
      iruleyourulewerule
      Icon for Nimbostratus rankNimbostratus

      I have only 1 VS so it's definitely the right one matching.

      However... I investigated further and realized the iRule is executing, but the "after" command is not working in these instances. I have an "after 100 <script>" line which executes on requests from my local computer (and a colleague's computer on a different network), but it doesn't execute when I send requests from some cloud VMs I tested, both on AWS and in Azure. So it's still a mystery to me..

      • Injeyan_Kostas's avatar
        Injeyan_Kostas
        Icon for Cirrostratus rankCirrostratus

        Sounds weird indeed.
        Could you share irule, VS config and any logs you have?