Redirecting traffic using iRules or Root Domains

Question

Hi All,&nbsp;
So we have an F5 BigIP LTM with two interfaces, DMZ &amp; Inside. The traffic flow required is from external&gt;DMZ&gt;F5&gt;DMZ&gt;Palo Alto. The Palo Alto has an Inside interface.&nbsp;
So to be clear we do not want the traffic to flow via the F5 Inside Interface but back out of the DMZ interface to the Palo Alto DMZ Interface.&nbsp;
So what should I used... Can I use an iRule or do I have to introduce another Root Domain?&nbsp;
Thanks&nbsp;
Simon&nbsp;

kai_wilke · Answer

Hi Simon,&nbsp;
An iRule could be used to overwrite the source IP and also next hop, when forwarding the traffic from your DMZ to your internal network. &nbsp;
But i would recomment to use different route domains for each security zone (e.g. Internal and dmz). It would simplify your setup to a great extend, make it more robust and less error phrone. In this case you wouldnt need iRule to route the trafic accordingly, since each route domoin would have an independent routing table.&nbsp;
Cheers, Kai&nbsp;

kai_wilke · Answer

BTW: Welcome to DevCentral. Take a seat and enjoy the show... ;-)&nbsp;

Forum Discussion

Redirecting traffic using iRules or Root Domains

2 Replies

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

irule execution error

F5 AWAF/ASM learning only from Trusted traffic?

OWA File Upload URIs for WAF Bypass

Curl 7.10.5 < 8.12.0 Integer Overflow (CVE-2025-0725)

Show or List F5 XC Routes in the Web

Related Content

F5 HTTPS Redirect 2025

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Enriching AFM with public domain Threat Intelligence

S3 Traffic Optimization with F5 BIG-IP & NetApp StorageGRID

irule uri traffic redirection failing

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS