Forum Discussion

Terry_Rodecker_'s avatar
Terry_Rodecker_
Icon for Nimbostratus rankNimbostratus
Nov 23, 2010

iRule to control snatpool based on destination

Hi,     I apologize right off the bat for what will most likely be an incredibly easy question. We recently implemented 2 F5 Link Controllers to load balance between ISPs. We had engaged an F5...
application delivery
dev
devops
iRules
hooleylist's avatar
hooleylist
Icon for Cirrostratus rankCirrostratus
Nov 24, 2010
Hi Terry,

With just a LC license, you can't actually parse the HTTP as HTTP. Nor can you collect the TCP payload to look for the HTTP headers. So you're limited to making layer 4 based decisions. You can use the class command (matchclass has been deprecated in 10.x) to check the source or destination IP address against an address type datagroup and make a pool and/or SNAT decision based on that. In 10.x, make sure to not include the old format of $::datagroup_name. Here's an example for 10.x: 


when CLIENT_ACCEPTED {
   if {[class match [IP::local_addr] equals destination_ips_1_class]}{
       Do something for this destination IP
   } elseif {[class match [IP::local_addr] equals destination_ips_2_class]}{
       Do something else for this destination IP
   } else {
       Take some default action?
   }
}

Aaron