Outbound Virtual Server with destination iRule

Question

I have an outbound virtual server that has a destination IP configured, and traffic flows correctly. For redundancy I would like to add another destination IP to that virtual server, but only one IP is allowed.  I was thinking that if my destinations are 192.168.1.1 and 192.168.2.1 I could change the destination to on the virtual server to a destination of 192.168.0.0/16.  Then I would have to create an iRule in the SSL server that is associated with the virtual server to say only allow 192.168.1.1 and 192.168.2.1 and drop any other IP's.&nbsp;
So do I need to create an iRule that has a pool of the 2 IP's?  Are there any examples of this? &nbsp;

nitass_89166 · Answer

you may add ip addresses in data group and check it using class command.&nbsp;
e.g.&nbsp;
class match -- [IP::local_addr] equals data_group_name&nbsp;
class&nbsp;
https://devcentral.f5.com/wiki/iRules.class.ashx&nbsp;

nitass · Answer

you may add ip addresses in data group and check it using class command.&nbsp;
e.g.&nbsp;
class match -- [IP::local_addr] equals data_group_name&nbsp;
class&nbsp;
https://devcentral.f5.com/wiki/iRules.class.ashx&nbsp;

maze_runner_200 · Answer

So the destination on the virtual server has been changed to a class B which will use an iRule to allow 2 IP's via data groups.  If a pool is created within the iRule can it be configured to route to the available destination IP?  The two destination IP's that I am using are external.

maze_runner_200 · Answer

So the destination on the virtual server has been changed to a class B which will use an iRule to allow 2 IP's via data groups.  If a pool is created within the iRule can it be configured to route to the available destination IP?  The two destination IP's that I am using are external.

nitass · Answer

If a pool is created within the iRule can it be configured to route to the available destination IP? The two destination IP's that I am using are external.&nbsp;

what virtual server type are you using? is it performance layer 4, standard or ip forwarding virtual server?&nbsp;
in case of performance layer 4 or standard, you use gateway as a pool.&nbsp;
in case of ip forwarding, you cannot have pool. so, what you need is route for those ip addresses e.g. 192.168.1.1 and 192.168.2.1.&nbsp;

Forum Discussion

Outbound Virtual Server with destination iRule

5 Replies

Win Big in Vegas: The iRules Contest is back with $5k on the line at AppWorld 2026

Jürgen - February 2026 Featured Member

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

SSL and Uri Rewrites

Pre & Post validation of F5 configuration

Upgrading vCMP guest

DNS topology not distributing as expected

Sizing calculation storage

Related Content

Destination address at F5

iControl REST Cookbook - Virtual Server (ltm virtual)

SSL Orchestrator Advanced Use Cases: Outbound SNAT Persistence

Regional Edge Resiliency Zones and Virtual Sites

Lightboard Lessons: SSL Outbound Visibility

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS