iRule to redirect https to different pool question

Question

I have 2 wildcard virtual servers that route any traffic the bip sees to a particular pool of proxy servers.  1 iRule is a wildcard VS for port 80 traffic.  The other is a wildcard VS for port 443 traffic.  I placed an iRule on my port 80 VS that says if you're coming from a list of subnets send to 1 pool otherwise send to a different pool.  The iRule works great on the port 80 VS but when I apply it to the 443 VS traffic fails.  I'm doing a "when CLIENT_ACCEPTED" so I figured the bip would see the source and dest IP's.  Possibly I'm wrong. 
&nbsp; The "SiteSubnets" data group has a lot of internal subnets associated to it. 
&nbsp; Any help would be appreciated! 
&nbsp;  
&nbsp;  
&nbsp; when CLIENT_ACCEPTED { 
&nbsp;    if { [matchclass [IP::client_addr] equals $::SiteSubnets] } { 
&nbsp;        pool BlueCoatProxyPool 
&nbsp;     } else { 
&nbsp;        pool bluecoat_pool 
&nbsp;     }  
&nbsp;  }

spark_86682 · Answer

That looks like it should work just fine. When you say "traffic fails", what do you mean? If you do a tcpdump on port 443 on your server vlan(s), do you see the BIG-IP sending traffic to the pool members?

Forum Discussion

iRule to redirect https to different pool question

Recent Discussions

F5 LTM listening on 3306

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

irule to enable http/2 acceleration

VS FORWARDING & ROUTE

Statistics ›› Analytics : HTTP : Overview

Related Content

(HTTP) Redirection via Arbitrary Host Header

Health monitor question

Site Launch Frequently Asked Questions

Anchor Link Redirect

F5 Connection Mirroring question

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS