For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Sam01_131907's avatar
Sam01_131907
Icon for Nimbostratus rankNimbostratus
Aug 19, 2013

irule to source route traffic using a VIP

Hello,

I would like to split traffic outbound from load balanced servers to different routers/gateways using irule. i want servers with subnet 192.168.10.0/24 to use default route 0.0.0.0 and use old core router. i want servers with subnet 192.168.20.0/24(translated to 192.168.30.0/24) to use a different route and exit using a new core router.

i created a vip(called wildcard) with default route 0.0.0.0 and a pool that has old core router. i create an irule ans i associated it with the vip above to split traffic based on source traffic originated from server snated to 192.168.30.0 SNAT_GW_POOL and VIP_GW_POOL are the new core router interfaces.

please help me out if you have done this before or know how to fix it...this is outbound traffic from load balanced servers trying to exit from the F5.

when CLIENT_ACCEPTED { 
    if { [IP::addr [IP::client_addr] equals 192.168.30.0.0/24]} 
        { pool SNAT_GW_POOL event disable all } 
    elseif { [IP::addr [IP::client_addr] equals 192.168.20.0/24]} 
        { pool VIP_GW_POOL event disable all } 
}
application delivery
devops
iRules

1 Reply

  • Michael_Yates's avatar
    Michael_Yates
    Icon for Nimbostratus rankNimbostratus
    Aug 19, 2013

    Hi Sam01,

     

    Check out this post. It has an example of an iRule and an alternate solution below the iRule example. I would suggest weighing your options and choosing which is best for you.

     

    Source Based Routing

     

    Hope this helps.