aveharsha_30644
Feb 03, 2017

iRule on GTM to allow a specific IP to a specific node

Hi,

 

I am kinda new to iRules. The scenario is we have GTM and LTM configured on BIG-IP and I want to allow traffic from one particular public IP to one of the 4 available servers (when he hits the URL).

 

Current scenario: the GTM pool does ratio load balancing to select DC1 or DC2 (2 datacenters). The LTM pool does least-connections load balancing to select one of the 2 physical servers. (Same configuration on both data centers, so 2+2=4 servers in total.) Persistence settings are also enabled.

 

When I try to apply the following iRule on GTM, it throws an error: " Rule [/W_partition/test_g] error: /W_partition/test_g:3: error: [undefined procedure: node][node 10.1.1.1:443] "

 

when DNS_REQUEST {
    if { [IP::addr [IP::client_addr] equals 100.1.1.1/24] } {
        node 10.1.1.1:443
    }
}

 

I tried pool xxxx member xxxx but that was also no use. Should the iRule be applied on GTM and LTM or just GTM? Please help! Thanks in advance. Version: 11.6.0

 

  • You need to understand that it would never be the client IPs querying for the Wide IP; instead, it would be the clients' DNS servers querying for the Wide IP.

    You can choose Topology-based load balancing and try to make a specific DNS server land on a specific DC, if you are sure about the DNS servers configured on the clients.

    But again, you want a specific source IP to talk to a specific server, hence the best option would be, if possible, to put all 4 servers in a single pool, attach it to both the VIPs on the LTMs, and then add an iRule which forces the specific source IP to talk to the specific node.

    This approach would rule out GTM from the journey: let GTM send to any of the DCs, and the iRule logic on the LTM takes care of the requirement.

     


     

    • Vijay_E

      You can certainly use static persist to increase the chances.

       

    • aveharsha_30644

      Thank you Maneesh. Can I try using the Static Persist load balancing method on the GTM pool (where it selects one of the 2 available DCs)? If I am not wrong, this should allow requests coming from a particular LDNS to go through the same DC?
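
The LTM-side approach suggested in the first reply (one pool holding all four servers, with an iRule that sends one source IP to one member), as an added example that is not part of the original thread. The pool name `app_pool_all` is hypothetical; the addresses reuse those from the question, matched here as a single host rather than the /24 in the original rule.

```tcl
# Added example: LTM iRule, attached to the virtual server in each data center.
# Assumptions (not from the thread):
#   - app_pool_all is a hypothetical pool containing all four servers
#   - 100.1.1.1 is the single client address to pin
#   - 10.1.1.1:443 is the member that client must reach
when CLIENT_ACCEPTED {
    # On the LTM virtual server, IP::client_addr is the source address of the
    # TCP connection itself. In DNS_REQUEST on GTM it is the address of the
    # resolver (LDNS) that sent the query, not the end user.
    if { [IP::addr [IP::client_addr] equals 100.1.1.1] } {
        # Pin only while the monitor reports the member up, so the pinned
        # client is not sent to a dead server.
        if { [LB::status pool app_pool_all member 10.1.1.1 443] eq "up" } {
            pool app_pool_all member 10.1.1.1 443
            log local0.info "pinned [IP::client_addr] to 10.1.1.1:443"
        } else {
            # Fall back to normal load balancing and record why.
            log local0.warning "10.1.1.1:443 not up, load balancing [IP::client_addr]"
            pool app_pool_all
        }
    } else {
        # Every other client keeps the pool's configured load balancing method.
        pool app_pool_all
    }
}
```

The `node` and `pool ... member` commands are load-balancing decisions for a connection, which is why the rule belongs on the LTM virtual server rather than in a `DNS_REQUEST` event.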