More efficient iRule needed

Question

Hello,&nbsp;
&nbsp;I have a Virtual Server that I just setup for SharePoint.  SharePoint hosts about 15 sites which the business lines all want Load Balanced.  The challenge for me was that I did not want to setup a virtual server for every site.  So I consulted DEVCENTRAL and looked for solutions to this.  What I read about and came up with is a single virtual server that would use an iRule to direct traffic to pools for each site.  Meaning that a pool would be setup for each site.  This sounded great because it would allow me to have a separate monitor for each site.  &nbsp;
&nbsp;Here goes an example of the iRUle:&nbsp;
&nbsp;when HTTP_REQUEST &nbsp;
&nbsp;{ if { [HTTP::host] equals "AAA.mydomain.org" }  { 
&nbsp;             if {[active_members SP_AAAA] &gt; 0} { 
&nbsp;                   pool SP_AAAAA } 
&nbsp;             else {
&nbsp;                   HTTP::redirect "http://maintenance.mydomain.org" 
&nbsp;                   event disable all 
&nbsp;              } 
&nbsp;    } 
&nbsp; 
&nbsp;    elseif { [HTTP::host] equals "BBB.mydomain.org" } { 
&nbsp;             if {[active_members SP_BBBB] &gt; 0} { 
&nbsp;                   pool SP_BBBB } 
&nbsp;             else { 
&nbsp;                   HTTP::redirect "http://maintenance.mydomain.org" 
&nbsp;             event disable all 
&nbsp;             } 
&nbsp;    }
&nbsp;    elseif  ..... YADA YADA YADA...&nbsp;
&nbsp;This goes on for 13 other sites!!!  So I realize this is very inefficient.  Everytime the user makes a request it has to pass this iRule and therefore performance sucks.  If I remove it it works fine.  And looking at this now, it make sense why I see these results.&nbsp;&nbsp;
&nbsp;So my question is ... how do I make this better?  Should I just make a virtual server for each site?  iRules seem like it would be very inefficient in this case.  Or is there a way to do this on a connection basis instead of each HTTP request basis?&nbsp;&nbsp;
&nbsp;Your assistance and enlightenment is appreciated!!!&nbsp;
&nbsp;Thanks!!!&nbsp;
&nbsp;Dbow

hooleylist · Answer

Hi Dbow, 
&nbsp;  
&nbsp; If the pool name can be determined from the host header value you could parse the host header, verify the format of the name matches some pattern and then try to assign a pool based on it.  You can use catch to handle pools that don't exist. 
&nbsp;  
&nbsp; Else, if you can't map the host to pool by pattern, you could create a datagroup with the hostname to pool name mappings.  For 9.x you'd use findclass for the datagroup lookup.  For 10.x, you'd want to use the class command. 
&nbsp;  
&nbsp; Here's a recent example from Naladar for this: 
&nbsp; http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/50/aft/1172969/showtab/groupforums/Default.aspx 
&nbsp;  
&nbsp; Aaron

dbow_21284 · Answer

Hi Hoolio, 
&nbsp; I am already doing the examination of the host header and assigning to a pool.  This is the iRule I have above.  Or maybe I am misunderstanding?  So right now my iRule looks at the host header, and based on that directs it to a pool (while checking availability of the pool members). 
&nbsp;  
&nbsp; This works!!  However, my issue is that it is very inefficient.  This especially comes into play with an intranet site where people download docs.  When they download a 25MB doc, I am guessing that the inspection of every single packet to determine the pool, is causing latency in the user experience.  When I remove the iRule and have a single pool the speed is good.  When I put the iRule back, the sluggishness reappears. 
&nbsp;  
&nbsp; Does this make sense that this would be the case?  I thought F5 would inspect each packet regardless of an iRULE.  So I was not expecting this and a little stumped. 
&nbsp;  
&nbsp; Thanks, 
&nbsp;  
&nbsp; Dbow

hooleylist · Answer

The optimal method for selecting a pool would be a check of the host header and mapping that to a corresponding pool name without going through all possible pool names (whether in an if/elseif/.../else chain, a switch statement or a datagroup).  The logic would be something like this: 
 when CLIENT_ACCEPTED {
    Save the name of the default pool 
   set default_pool [LB::server pool]
}
when HTTP_REQUEST {

Check if Host header ends with my domain
   if {[string tolower [HTTP::host]] ends_with ".example.com"}{

Try assigning a pool in the format of subdomain1_http_pool
       from a host header value of subdomain1.example.com
      if {[catch {pool [getfield [HTTP::host] "." 1]_http_pool} result]}{
         log local0. "[IP::client_addr]:[TCP::client_port]: Error assigning pool [getfield [HTTP::host] "." 1]_http_pool for [HTTP::host]"
 pool $default_pool
      }
   }
}
 
 If you can't create a pool based just on the subdomain of the Host header value, you could create a datagroup which maps the host names to pool names and then use the class command to do the lookup.   
 Just to clarify, every TCP packet is not inspected with any of these iRules.  LTM will only collect enough TCP packets to parse the HTTP headers of the requests.  This happens when you have an HTTP profile on the virtual server--regardless of whether an iRule is used or not. 
 Aaron

Forum Discussion

More efficient iRule needed

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

Scan - Making string manipulation efficient

The Source of Truthiness - your journey towards operational efficiency

DNS irule, do I need a GTM license?

Need help redirecting hundreds of host:uris to differentHOST:differentURI using datagroup and irule

need help to write an IRULE.

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS