Forum Discussion
Harris_Hassan_3
Nimbostratus
Nimbostratusredirecting all TCP and all UDP to different servers and routes
Hi ,
Appreciate the devcentral site , got a lot of good iRules samples from the tuorials and was implementing a setup for a customer. Basically it's a bunch Compression server for internet traffic.
Question , i'm not very familiar with iRules and managed to get one from your site , modded it a bit till i got this :
rule Redirect_Server_Pool {
when CLIENT_ACCEPTED {
if { [IP::addr [IP::client_addr] equals 0.0.0.0] } {
pool server_pool
}
It all works fine , all traffic hitting the LB will be routed to server pool (had to use iRules as customer was LB'ing links rather than servers).
Now , i'm required to filter based on TCP or others. It's simple enough if it's a specific port as i could [TCP::port XX] but how do you select all TCP ports then filter others out ? I guess the pseudocode of the new modded rule would be :
rule Redirect_Server_Pool {
when CLIENT_ACCEPTED {
if { port is TCP )
Reusing old code
rule Redirect_Server_Pool {
when CLIENT_ACCEPTED {
if { [IP::addr [IP::client_addr] equals 0.0.0.0] } {
pool server_pool
}
Reusing old code
else (if other types UDP , GRE ,ESP)
{ forward to another pool }
end
Appreciate any help. Thanks
- The best way would be to create protocol-specific virtual servers, one specifying protocol UDP and one specifying TCP. Since SCTP is the only other supported transport protocol for Standard VS, if you want to specify VS for others, you'd have to be using a Forwarding VS, rather than Standard VS LBing to a pool.
I am curious as to why an iRule is required -- looks like you are testing for client address but you want to match all & then just pick a pool? That's what a standard virtual server without an iRule does...
/deb 
Harris_Hassan_3Thanks a lot for the reply , much appreciated. I could post a visio document of flow but dunno if it's allowed in here. Only private IP's are shown so not much of a security issue i guess.
The problem is , we did make the standard Virtual server for the setup. But traffic just wouldn't flow to the servers. Added in the rule an it works.
Thanks
Maybe i'll draw up a simple flow on word for use.- Harris_Hassan_3Was thinking about your reply , while traffic flow still can't be done without iRules , the TCP/ UDP separation can.
I could either seperate the pools into one for UDP / TCP , or seperate the VS's into one for TCP / UDP. Since the system is not live yet , i'll give my customer a call and check if it works.
Thanks for the tip - Harris_Hassan_3Alrite , tested out by seperating the VS. Didn't work as a standard VS as expected , but managed to get the setup running via a wildcard VS. Thanks
- Excellent, glad to help
