Forum Discussion

mplaksin0's avatar
mplaksin0
Icon for Cirrus rankCirrus
Oct 18, 2022

irule uri traffic redirection failing

Hello team, I have to implement an irule to redirect traffic based on URL. So i made following code: when HTTP_REQUEST { if { [HTTP::uri] starts_with "/specialurl" } { snatpool /NAT_Outside po...
application delivery
event
irule
LTM
uri
url
  • Paulius's avatar
    Paulius
    Nov 02, 2022

    mplaksin0First I would create a /32 netmask OneConnect profile and associate it with the virtual server in question. After you have done that use the following iRule configuration replacing whatever you might want to match in the if statement but leave everything else and that should solve your issue.

     

     

    when CLIENT_ACCEPTED {

    set DEFAULT_POOL [LB::server pool]

}

when HTTP_REQUEST {

    if { [HTTP::uri] starts_with "/specialurl" } {
        snatpool NAT_Outside
        pool Apps_pool  
        log local0. "[IP::client_addr] Ingreso a [HTTP::uri]"
    } else {
        pool $DEFAULT_POOL
    }

}
mihaic's avatar
mihaic
Icon for MVP rankMVP
Oct 19, 2022

What is the default pool? Isn't it "App_pool"?

Where are other uri's configured to go?
Probablly the config of the VIP will help us figure it out.

  • mplaksin0's avatar
    mplaksin0
    Icon for Cirrus rankCirrus
    Oct 19, 2022

    The default pool isn't App_pool.

    The gateway of VM of default pool its this bipip and App_Pool its the ip of virtual-server of other bigip that its in other point of the network (we reach it via routing).

    I attach the list.

    I tried a policy that says "if the uri contains /specialurl foward traffic to pool App_Pool" and same behavior.

    Maybe i can try to set default pool as App_Pool and use a policy with "not contains /specialurl foward traffic to pool GOL (default)

     

    security presentation tmui virtual-list /GOL {
    dos-status none
    server {
    attack-status none
    bandwidth-bps 152744
    bandwidth-cps 0
    bandwidth-pps 66
    description none
    dst-addr x.x.x.x%12
    dst-port https
    evicting-active false
    eviction-policy none
    http-auto-threshold Disabled
    http-behavioral-signature-dos Disabled
    ip-intelligence-policy none
    l4-protocol 6
    l7-protocol http
    mask 255.255.255.255
    max-bandwidth-bps 4294967295
    max-bandwidth-cps 0
    max-bandwidth-pps 4294967295
    name /GOL
    netflow-profile none
    network-auto-threshold Disabled
    network-behavioral-signature-dos Disabled
    route-doman 12
    scrub-monitored false
    scrubbable-advertisement-method none-method
    scrubbable-bandwith-threshold 4294967295
    scrubbing-active false
    src-addr 0.0.0.0%12/0
    src-port any
    stress-level 0
    traffic-type inline
    }
    vlans none
    }