iRule to route traffic to different pool when pool members down in default pool
We are running a transparent proxy in our environment and have decided that when both proxy servers in our proxy server pool become unavailable we would like to route the traffic out to the internet unfiltered (VLAN C). All clients have public IPv4 addresses.
I have a wildcard VIP set up (with a lasthop pool overriding the auto last hop feature) to accept traffic on VLAN A, pass the traffic back to VLAN B (where the proxy servers are), and then go out the lasthop pool on VLAN C.
I have an iRule on the wildcard VIP which redirects HTTP requests to the proxy server when needed by replacing the HTTP host and HTTP uri.
When the proxy servers are not down, this setup works flawlessly. However, when both proxy servers are down and I choose to use the lasthop pool instead of the proxy pool, traffic does not flow correctly. If I remove both the iRule with the HTTP redirects in it and the HTTP profile, and apply an iRule with just a when LB_FAILED statement in it to reselect the lasthop pool as its target, I can asymmetrically route the traffic to the internet just fine. This makes me believe that there is something in the HTTP profile (possibly the iRule) which is causing a change to the HTTP packet before it goes to the lasthop pool that the router in the lasthop pool does not like.
Any help or suggestions would be great.
Configuration:
virtual capture_virt {
    lasthop pool captured_lasthop
    pool capture_pool
    destination any:any
    mask 0.0.0.0
    ip protocol tcp
    rules captured-HTTP_rule
    profiles {
        captured_prof {}
        captured_tcp_prof {}
    }
    vlans captured-A enable
}
pool captured_lasthop {
    monitor all gateway_icmp
    members 10.1.5.41:any {}
}
____iRule below__________
rule captured-HTTP_rule {
    when CLIENT_ACCEPTED {
        if { [active_members capture_pool] < 1 } {
            use pool captured_lasthop
        }
    }
    when LB_FAILED {
        if { [active_members capture_pool] < 1 } {
            use pool captured_lasthop
        }
    }
    when HTTP_REQUEST {
        if { [HTTP::host] eq "www.facebook.com" } {
            use pool captured_lasthop
        } elseif { [HTTP::host] eq "www.google.com" } {
            use pool captured_lasthop
        } elseif { [HTTP::host] eq "www.yahoo.com" } {
            use pool captured_lasthop
        } else {
            log local0. "Client IP address is: [IP::remote_addr]"
            HTTP::header replace Host "www.example.com"
            log local0. "Replacing Host"
            HTTP::uri "/example/login.html"
            log local0. "Replacing URI"
        }
    }
}
_____iRule above______
pool capture_pool {
    monitor all cp-web_HTTP_DEV01_mon
    members {
        10.1.5.20:http {}
        10.1.5.21:http {}
    }
}
profile http captured_prof {
    defaults from http
}
profile tcp captured_tcp_prof {
    defaults from tcp
}
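
In the iRule as posted, the else branch of HTTP_REQUEST replaces the Host header and URI without checking pool state, so the rewrite is still applied to requests that CLIENT_ACCEPTED has already pointed at captured_lasthop. The following is an added example, not part of the original post, that guards the rewrite on proxy availability and logs each fail-open bypass. It reuses the pool names from the configuration above and assumes that requests should leave unmodified whenever capture_pool has no active members; the lowercase host comparison and the log messages are additions.

```tcl
when CLIENT_ACCEPTED {
    # Fail open at connection time when no proxy is available.
    # Log it: unfiltered egress is an event worth alerting on.
    if { [active_members capture_pool] < 1 } {
        log local0. "capture_pool down, bypassing proxy for [IP::client_addr]"
        pool captured_lasthop
    }
}

when HTTP_REQUEST {
    # Re-check on every request, since a keep-alive connection can
    # outlive a change in pool state.
    if { [active_members capture_pool] < 1 } {
        # Proxies down: send the request on untouched (original Host and URI).
        pool captured_lasthop
        return
    }

    # Proxies up: same host list and rewrite as the posted rule.
    # Host names are case-insensitive, so compare in lowercase.
    switch -- [string tolower [HTTP::host]] {
        "www.facebook.com" -
        "www.google.com" -
        "www.yahoo.com" {
            pool captured_lasthop
        }
        default {
            log local0. "Client IP address is: [IP::remote_addr]"
            HTTP::header replace Host "www.example.com"
            HTTP::uri "/example/login.html"
            log local0. "Replaced Host and URI"
        }
    }
}

when LB_FAILED {
    # Selection of a proxy member failed and none are left: retry via lasthop.
    if { [active_members capture_pool] < 1 } {
        log local0. "LB_FAILED with capture_pool down, reselecting captured_lasthop"
        LB::reselect pool captured_lasthop
    }
}
```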