Forum Discussion
Issue with Source based redirection when more than one subnet is added
A background on the situation.
We are running a warehouse management system that requires the telnet protocol to use different ports on the backend server for each "warehouse" or location. We have handhelds that utilize a terminal emulator for this telnet service. The application cannot differentiate the particular ports so we are using the F5 to redirect on a source based irule to a specific pool that contains the back end port.
When we have more than one subnet within the rule, the rule seems to not redirect properly. If we specify only one subnet to pool mapping the rule works as we can see the handheld is able to login to the correct warehouse through the correct port.
Can someone please look at this rule and see if there are any syntax issues. If there is a more efficient way to handle this situation we would like to understand that as well. Anyone's help is appreciated!
iRule:
when CLIENT_ACCEPTED {
if {[IP::addr [IP::client_addr] equals 10.21.72.0/24]}{
pool WMS_APP_DEV_TELNET}
if {[IP::addr [IP::client_addr] equals 10.22.29.0/24]}{
pool WMS_APP_DEV_TELNET}
if {[IP::addr [IP::client_addr] equals 10.23.68.0/24]}{
pool WMS_APP_DEV_TELNET_4506}
if {[IP::addr [IP::client_addr] equals 10.22.189.0/24]}{
pool WMS_APP_DEV_TELNET_4506}
{ drop }
}
Thanks,
Megan
- natheCirrocumulusMegan,
- natheCirrocumulusMegan
when CLIENT_ACCEPTED { switch [IP::addr [IP::client_addr]] { "10.21.72.0/24" - "10.22.29.0/24" { pool WMS_APP_DEV_TELNET } "10.23.68.0/24" - "10.22.189.0/24" { pool WMS_APP_DEV_TELNET_4506 } } default { drop } }
- hoolioCirrostratusYou can't actually use a switch statement to evaluate subnets. The original if/elseif/.../else iRule should work. If that's not working you could add debug logging to each condition and check the logs in /var/log/ltm.
- natheCirrocumulusAaron,
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com