Forum Discussion
cort_17498
Nimbostratus
NimbostratusRedirect based on Port
I'm pretty new to the F5 world.... be gentle.
For the life of me I cannot get this rule to work:
when CLIENT_ACCEPTED {
set port [TCP::local_port]
if { $port equals "23" } {
pool "PORT-23"
if { $port equals "22" } {
pool "PORT-22"
}
}
}
It will only go to the first port defined in the rule. Any help is appreciated.
hoolioCirrostratus
Are you testing this iRule on a port 0 (any) VIP? Do you have port translation enabled on the VIP? If you remove the iRule and add the PORT-22 pool to the VIP, can you make a request on port 22 to the VIP? If not, check the routing between LTM and the pool members. If the default gateway of the servers isn't the LTM, you'll need to enable SNAT.
Once you have the port 22 pool working on the VIP, you can retest the iRule with a minor change and some debug logging:when CLIENT_ACCEPTED { log local0. "[IP::client_addr]:[TCP::client_port]: New connection to [IP::local_addr]:[TCP::local_port]" Check the destination port switch [TCP::local_port] { "22" { Request was to port 22 pool "PORT-22" log local0. "[IP::client_addr]:[TCP::client_port]: Using PORT-22 pool" } "22" { Request was to port 22 pool "PORT-22" log local0. "[IP::client_addr]:[TCP::client_port]: Using PORT-23 pool" } default { reject log local0. "[IP::client_addr]:[TCP::client_port]: Request to undefined port. Resetting connection." } } }
Aaron
cort_17498That was perfect, thank you very much.