redirect based on source ip

Question

I can't seem to get redirects based on client IP working.  The IP on alloweed IP class works by passing traffic. All other ips get dropped.&nbsp;
 &nbsp;
when CLIENT_ACCEPTED {&nbsp;
 &nbsp;
     Check if client IP is in the datagroup&nbsp;
    if {[matchclass IP:addr[IP::client_addr] equals $::ALLOWED_IP_class]}{&nbsp;
    pool prodpool&nbsp;
    } else {&nbsp;
    pool testpool&nbsp;
    }&nbsp;
 }&nbsp;

kevin_stewart · Answer

IP::addr is a boolean operator, which you don't need to make a comparison with a data group entry. So an updated (v10/v11) version of your rule might look something like this:

when CLIENT_ACCEPTED {
     if { [class match [IP::client_addr] equals ALLOWED_IP_class] } {
          pool prodpool
     } else {
          pool testpool
     }
}

If you define ALLOWED_IP_class as an address class, then you can filter on both host (specific) and network (subnet) client IPs.

Forum Discussion

redirect based on source ip

1 Reply

Win Big in Vegas: The iRules Contest is back with $5k on the line at AppWorld 2026

Jürgen - February 2026 Featured Member

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

AppWorld DC Booth Kiosk Generator

Questions on R-Series 5800s

Blindfold key for API request to replace TLS certificate

ASM bd daemon crash while processing request body (SIGSEGV) – anyone seen similar behavior?

APM Policy loses POST request content when forwarding across multiple domains.

Related Content

F5 HTTPS Redirect 2025

URL based redirection

F5 Distributed Cloud - Traffic Steering based on Client IP Address

Source IP Based Pool Routing

F5 & Cisco ACI Essentials - Take advantage of Policy Based Redirect

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS