Forum Discussion

Sahir_180434's avatar
Sahir_180434
Icon for Nimbostratus rankNimbostratus
Mar 18, 2016

Irule Switch statment & Datagroup question

Hi, I have a question about following iRule & Datagroup. iRule:   ltm rule Data-rule { when CLIENT_ACCEPTED { set PAN_node [class match -value [IP::client_addr] equals Data1] s...
application delivery
iRules
LTM
security
  • VernonWells's avatar
    VernonWells
    Mar 18, 2016

    It selects a single node based on the client source IP. Concretely, if the source IP from the client is "10.10.10.10" the call to class match matches the first record (the record with the key "10.10.0.0/16"). The -value flag tells the class command to return the record value if there is a match (or the empty string if there is no match). So, in this example case, the variable PAN_node is set to "A1" (the value of the matching class record). The switch matches "A1", so the command node 10.29.170.5 executes. This instruct the load-balancing engine to specifically proxy (or forward, depending on the Virtual Server type) to that node.

    In Tcl, a switch does not fall through like it does in C. The code block for the first matching case is executed, then the switch terminates (unless '-' is substituted in place of the code block, which is not the case here).

VernonWells's avatar
VernonWells
Icon for Employee rankEmployee
Mar 18, 2016

It selects a single node based on the client source IP. Concretely, if the source IP from the client is "10.10.10.10" the call to class match matches the first record (the record with the key "10.10.0.0/16"). The -value flag tells the class command to return the record value if there is a match (or the empty string if there is no match). So, in this example case, the variable PAN_node is set to "A1" (the value of the matching class record). The switch matches "A1", so the command node 10.29.170.5 executes. This instruct the load-balancing engine to specifically proxy (or forward, depending on the Virtual Server type) to that node.

In Tcl, a switch does not fall through like it does in C. The code block for the first matching case is executed, then the switch terminates (unless '-' is substituted in place of the code block, which is not the case here).

  • Sahir_180434's avatar
    Sahir_180434
    Icon for Nimbostratus rankNimbostratus
    Mar 19, 2016
    Vernon,Thanks for you explanation. my other question would be about the traffic that doesn't match the rule, will it be forwarded to default route or is it going to be dropped ?