Forum Discussion
Jeff_Giroux
Cirrus
Cirrusirule processing and performance of 2 irules both doing http_request
I have a VIP that receives a peak of 2,500 current client
connections. It has a current irule that "when http_request " doing basic pool decisions. I need to
apply another irule that does hig...
hooleylist
Cirrostratus
CirrostratusThere isn't much you could save by trying to combine the iRules or share variables across them. However, you can optimize both rules separately:
logging iRule
when CLIENT_ACCEPTED {
set hsl [HSL::open -proto UDP -pool pool_syslog_514]
}
when HTTP_REQUEST {
Save the request components we want to log in the response
set log_string <190> src_ip=[IP::client_addr], dest_vip=[HTTP::host],http_method=[HTTP::method],\
http_uri=[HTTP::uri], http_version=HTTP/[HTTP::version]"
}
when HTTP_RESPONSE {
HSL::send $hsl "$log_string, return_code=[HTTP::status]"
}Pool selection iRule
when HTTP_REQUEST {
switch -glob [HTTP::path] {
"/123/help*" {
poolserverpool01_8080
persist none
}
"/123/petsemail*" {
poolserverpool02_8080
persist none
}
"/123/profileeditor*" {
poolserverpool03_8080
persist none
}
"/123/activitystream*" {
poolserverpool04_8080
persist none
}
"/123/core*" {
poolserverpool05_8080
persist none
}
"/123/*" {
poolserverpool06_8080
persist none
}
"/admin*" {
if { [IP::addr [IP::client_addr] equals 10.1.1.1] or \
[IP::addr [IP::client_addr] equals 10.50.1.1 or \
[IP::addr [IP::client_addr] equals 10.100.1.1 } {
poolpool_qlaxorin_8080
} else {
HTTP::respond 404 content { 404 Not Found }
}
}
default {
HTTP::respond 404 content { 404 Not Found }
}
}
}I haven't tested the iRules, but hopefully they give you an idea of how you can make these more efficient.
Also, you could add the hosts/networks you want to allow access to the /admin URIs from to an address type datagroup and then use the class command to do the lookup.
Aaron