Forum Discussion

ChrisS_DevOps_2's avatar
ChrisS_DevOps_2
Icon for Nimbostratus rankNimbostratus
Jun 05, 2015

Irule to select a pool member that's not the same as the requesting client's ip

We have pool members that will make http requests to vips with pools the requester could itself be a member of   I need a quick irule to make sure that if a server's http request cannot be routed ...
application delivery
devops
iRules
LTM
management
sap
nitass's avatar
nitass
Icon for Employee rankEmployee
Jun 11, 2015

this is mine. i disabled cmp because i wanted to test with one tmm.

 configuration

[root@ve11c:Active:In Sync] config  tmsh list ltm virtual bar
ltm virtual bar {
    cmp-enabled no
    destination 200.200.200.10:80
    mask 255.255.255.255
    pool foo
    profiles {
        fastL4 { }
    }
    rules {
        qux
    }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    vs-index 9
}
[root@ve11c:Active:In Sync] config  tmsh list ltm pool foo
ltm pool foo {
    members {
        200.200.200.101:80 {
            address 200.200.200.101
        }
        200.200.200.102:80 {
            address 200.200.200.102
        }
        200.200.200.111:80 {
            address 200.200.200.111
        }
    }
}
[root@ve11c:Active:In Sync] config  tmsh list ltm rule qux
ltm rule qux {
    when CLIENT_ACCEPTED {
  log local0. "client: [IP::client_addr]:[TCP::client_port] server:"
}
when LB_SELECTED {
  log local0. "client: [IP::client_addr]:[TCP::client_port] server: [LB::server addr]:[LB::server port]"
  if { [IP::client_addr] == [LB::server addr] } {
    log local0. "client: [IP::client_addr]:[TCP::client_port] LB::reselect"
    LB::reselect
  }
}
when SERVER_CONNECTED {
  log local0. "client: [IP::client_addr]:[TCP::client_port] server: [LB::server addr]:[LB::server port]"
}
}

 /var/log/ltm

[root@ve11c:Active:In Sync] config  tail -f /var/log/ltm
Jun 11 19:41:37 ve11c info tmm[10748]: Rule /Common/qux : client: 200.200.200.101:44464 server:
Jun 11 19:41:37 ve11c info tmm[10748]: Rule /Common/qux : client: 200.200.200.101:44464 server: 200.200.200.102:80
Jun 11 19:41:37 ve11c info tmm[10748]: Rule /Common/qux : client: 200.200.200.101:44464 server: 200.200.200.102:80

Jun 11 19:41:43 ve11c info tmm[10748]: Rule /Common/qux : client: 200.200.200.101:44465 server:
Jun 11 19:41:43 ve11c info tmm[10748]: Rule /Common/qux : client: 200.200.200.101:44465 server: 200.200.200.101:80
Jun 11 19:41:43 ve11c info tmm[10748]: Rule /Common/qux : client: 200.200.200.101:44465 LB::reselect
Jun 11 19:41:43 ve11c info tmm[10748]: Rule /Common/qux : client: 200.200.200.101:44465 server: 200.200.200.111:80
Jun 11 19:41:43 ve11c info tmm[10748]: Rule /Common/qux : client: 200.200.200.101:44465 server: 200.200.200.111:80

Jun 11 19:41:49 ve11c info tmm[10748]: Rule /Common/qux : client: 200.200.200.101:44466 server:
Jun 11 19:41:49 ve11c info tmm[10748]: Rule /Common/qux : client: 200.200.200.101:44466 server: 200.200.200.102:80
Jun 11 19:41:49 ve11c info tmm[10748]: Rule /Common/qux : client: 200.200.200.101:44466 server: 200.200.200.102:80