Forum Discussion
Dave_Marshaloni
Mar 22, 2011Nimbostratus
Redirect User to different host based on source address
Hello All,
I'm new to iRules so this question may be stupid or not able to be accomplished.
We have a website (i.e. www.server.com) that we have. We want our internal users to be directed to a different Pool and everyone else be directed to the default Pool. Can I do that? What would the iRule look like?
Thanks
-dave
- Michael_YatesNimbostratusActually it is a good question and you can do it.
- Dave_MarshaloniNimbostratusI would want it based on client IP. For example if they were in either 192.168.1.0/24 or 192.168.2.0/24 subnets send them to a certain pool and the rest go to another pool.
- Chris_MillerAltostratusFun
when CLIENT_ACCEPTED { if { [IP::addr[IP::client_addr] eq 192.168.1.0/23] } { pool pool_x } else { pool pool_y } }
- hoolioCirrostratusNice work. For IP::addr, I think you need to spell out equals. You could also add multiple IP subnets to an address type datagroup and use the class match command to do the lookup:
- Chris_MillerAltostratusPosted By hoolio on 03/23/2011 08:51 AM
- hoolioCirrostratusHa... per the expr TCL wiki page, equals don't exist as an operator. So this is an iRule peculiarity.
- Dave_MarshaloniNimbostratusThanks so for the code? I have 4 or 5 subnets that I need to included. Can I add them to gether and use OR or some other operator?
- Michael_YatesNimbostratusYou could string them together, but it is cleaner to create a Data Group (Under Local Traffic -> iRules -> Data Group List) to put all of your subnets in.
when CLIENT_ACCEPTED { if { [class match IP::addr[IP::client_addr] eq mynetworks] } { pool matching.pool.name } else { pool nonmatching.pool.name } }
- hoolioCirrostratusThat's a good explanation. Just one small edit: you don't need to use IP::addr with class commands.
when CLIENT_ACCEPTED { if { [class match [IP::client_addr] equals mynetworks] } { pool matching.pool.name } else { pool nonmatching.pool.name } }
- Dave_MarshaloniNimbostratusThanks everyone. Let me try this.
Recent Discussions
Related Content
Â
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects