Forum Discussion

kingoyster's avatar
kingoyster
Icon for Nimbostratus rankNimbostratus
Jul 31, 2019

Multiple ISP Gateway Outgoing iRule

Hi all F5 gurus,

I just inherited a F5 LTM from previous employee, and I am the sole IT guy in the company. I am tasked to optimize the existing outbound iRule.

The company have 5 different ISP with it's own gateway. Currently the outbound iRule as below,

when CLIENT_ACCEPTED { 
 if {[LB::status pool Gateway_Pool_1 member 1.1.1.1 0] equals "up" } {
   if {[class match -- [IP::client_addr] equals HostGroup1]} {
       snatpool SNAT_Pool_1
       pool Gateway_Pool_1
    } elseif {[class match -- [IP::client_addr] equals HostGroup2]} {
      snatpool SNAT_Pool_2
      pool Gateway_2_Pool
    } elseif {[class match -- [IP::client_addr] equals HostGroup3]} {
      snatpool SNAT_Pool_3
      pool Gateway_Pool_3
    } elseif {[class match -- [IP::client_addr] equals HostGroup4]} {
      snatpool SNAT_Pool_4
      pool Gateway_Pool_4
    } elseif {[class match -- [IP::client_addr] equals HostGroup5]} {
      snatpool SNAT_Pool_5
      pool Gateway_Pool_5
    } else {
       snatpool SNAT_Pool_1
       pool Gateway_Pool_1
    }
  } else {
     snatpool SNAT_Pool_4
     pool Gateway_Pool_4
  }
 }

Please correct me if I inteprete it wrongly,

If Gateway_Pool_1 is up, each HostGroup will use its own Gateway_Pool as outgoing, and Gateway_Pool_1 also act as default outgoing.

If Gateway_Pool_1 is down, all hosts regardless which HostGroup will use Gateway_Pool_4 as default outgoing, and this would cause ISP 4 congested.

Can I replace the it with the following iRules to only use the default Gateway_Pool_1 if individual ISP gateway is down? 

when CLIENT_ACCEPTED { 
  if {([class match -- [IP::client_addr] equals HostGroup1]) && ([LB:status pool Gateway_Pool_1 member 1.1.1.1 0] equals "up")} {
   snatpool SNAT_Pool_1
   pool Gateway_Pool_1
  } elseif {([class match -- [IP::client_addr] equals HostGroup2]) && ([LB:status pool Gateway_Pool_2 member 2.2.2.2 0] equals "up")} {
    snatpool SNAT_Pool_2
    pool Gateway_Pool_2
  } elseif {([class match -- [IP::client_addr] equals HostGroup3]) && ([LB:status pool Gateway_Pool_3 member 3.3.3.3 0] equals "up")} {
    snatpool SNAT_Pool_3
    pool Gateway_Pool_3
  } elseif {([class match -- [IP::client_addr] equals HostGroup4]) && ([LB:status pool Gateway_Pool_4 member 4.4.4.4 0] equals "up")} {
    snatpool SNAT_Pool_4
    pool Gateway_Pool_4
  } elseif {([class match -- [IP::client_addr] equals HostGroup5]) && ([LB:status pool Gateway_Pool_5 member 5.5.5.5 0] equals "up")} {
    snatpool SNAT_Pool_5
    pool Gateway_Pool_5
  } elseif {[LB::status pool Gateway_Pool_1 member 1.1.1.1 0] equals "up" } {
    snatpool SNAT_Pool_1
    pool Gateway_Pool_1
  } else {
   snatpool SNAT_Pool_4
   pool Gateway_Pool_4
  }
 }
application delivery
iRules
  • Andrew-F5's avatar
    Andrew-F5
    Icon for Employee rankEmployee
    Aug 08, 2019

    Please correct me if I inteprete it wrongly,

     

    If Gateway_Pool_1 is up, each HostGroup will use its own Gateway_Pool as outgoing, and Gateway_Pool_1 also act as default outgoing.

    If Gateway_Pool_1 is down, all hosts regardless which HostGroup will use Gateway_Pool_4 as default outgoing, and this would cause ISP 4 congested.

     

    Can I replace the it with the following iRules to only use the default Gateway_Pool_1 if individual ISP gateway is down? 

     

    Your correct in your interpretation and your revised iRule code appears valid.