Is there an irule to check which member in a pool a client is connecting to?

Question

Is there a way to check which member in the pool the load balancer has selected for a client to connect to in an irule? We are starting to enable SSL between the F5 and our servers, and would like to run the ssl enabled members with the non ssl members during the transition. So ideally, the irule would see the client being sent to server1/2/3 etc and set ssl:disable serverside, else ssl:enable serverside. Any help or other ideas I might not have thought of to do this would be appreciated.

kevin_stewart · Answer

Here's a simple static example:

when LB_SELECTED {
    if { [IP::addr [LB::server addr] equals 10.70.0.1] } {
        SSL::disable serverside
    }
}

You'll need to apply a server SSL profile to the VIP and turn it off in the iRule if the selected server's IP matches a non-SSL host. Also, depending on how many servers you have, it may also make sense to handle the SSL switching assignments in a data group. 
  
 ex.  
 10.70.0.1 := off 
 10.70.0.2 := on 
 10.70.0.3 := on

Forum Discussion

Is there an irule to check which member in a pool a client is connecting to?

1 Reply

Win Big in Vegas: The iRules Contest is back with $5k on the line at AppWorld 2026

Jürgen - February 2026 Featured Member

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

GIS app loading very slow through F5 LTM

HTTP2 iRule manipulation

Apmd memory and swap grows over time

ASM bd daemon crash while processing request body (SIGSEGV) – anyone seen similar behavior?

F5 APM irule to log the VPN session parameters

Related Content

Jürgen - February 2026 Featured Member

Bram - January 2026 Featured Member

Aswin MK - November 2025 Featured Member

Log client to vip connections

Limit Connections From Client

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS