Forum Discussion
Ranvir_Floura_7
Nimbostratus
NimbostratusRedirect based on source IP address
Hello,
I have a iRule question on version 4.6.2 of Big-IP. What I am trying to set up is during maintenance windows, allow only a specific IP (or a group of IP address) to be able to connect to the production application, everyone else will get redirected to a static page saying something along the lines of "maintenance going on - come back later".
Will the following rule work?
rule myweb {if(client_addr == 192.168.10.10)
{redirect to "http://limited.mywebapp.com"}
else {use pool servers}
}
rule limited_myweb
{if(client_addr!= 192.168.10.10)
{redirect to "http://www.mywebapp.maintenance.com/"}
else {discard}
}
Thanks!
2 Replies
- Ranvir,
it won't work, assuming that the limited_myweb rule is used by the virtual servicing the http://limited.mywebapp.com site. Client 192.168.10.10 won't be able to connect at all.
In order to provide different response during maintenance, you may use following configuration:pool www_servers { fallback "http://www.mywebapp.maintenance.com" member 1.1.1.1:80 member 1.1.1.2:80 } pool servers { member 1.1.1.1:* member 1.1.1.2:* } rule myweb { if(client_addr == 192.168.10.10) { use pool servers } else { use pool www_servers } } virtual www.mywebapp.com:80 { use rule myweb }
In order to enter maintenance mode, you need to disable nodes in pool www_servers which triggers the fallback URL to delivered as redirect location. This is achieved using command:bigpipe node 1.1.1.1:80 1.1.1.2:80 disable
Client 192.168.10.10 is connecting via pool servers whose members remain enabled. 
Ranvir_Floura_7Thanks mmac! That worked out just fine.
Now, to add some more complexity to the scenario, will it be possible to have a multiple IP addresses rather just one IP address?
