Forum Discussion

goyogi's avatar
goyogi
Icon for Nimbostratus rankNimbostratus
Jan 18, 2012

rule sending to wrong pool if connection is already established

Here is my irule

 

 

 

when HTTP_REQUEST {

 

log local0. "Requested HTTP Method: [HTTP::method]"

 

if { [HTTP::path] starts_with "/root/landingpages/affLandPage.asp" or

 

[HTTP::path] starts_with "/root/offer.asp" or

 

[HTTP::path] starts_with "/root/campaign.asp" or

 

[HTTP::path] starts_with "/root/basket.asp" or

 

[HTTP::path] starts_with "/root/redirects/add2cart.asp"} {

 

log local0. "Requested uri is [HTTP::uri]"

 

prefix legacy stuff to the original URI and add the requested host

 

HTTP::uri /legacyeol?legacyUrl=http://[HTTP::host][HTTP::uri]

 

replace the requested host

 

HTTP::header replace Host "home.foo.com"

 

log local0. "Redirected hostheader is [HTTP::header value Host]"

 

forward the modified request to home pool

 

pool home-qw-5

 

log local0. "Forwarding to pool [LB::server]"

 

log local0. "Redirected HTTP Method: [HTTP::method]"

 

}

 

}

 

 

 

When I hit the VIP with this irule applied with this uri

 

http://us.foo.com/root/offer.asp?id=4934&affid=315

 

it will forward it to the home-qw-5 pool fine. Excellent.

 

 

 

Then while the connection has not timed out and go to

 

http://us.foo.com/root/popup.asp?path=/common/en-us/popups/mpfp/moreInfo.asp&close=true

 

which does not match the if statement I will get a 404. In the server logs I see that it's because the LTM is still forwarding it to the home-qw-5 pool which isn't hosting us.foo.com.

 

 

 

If I kill the connection with b conn client delete or wait a few minutes for it to timeout and try the uri again I do not get the 404 because it directs it to the default pool of the VIP.

 

 

 

It seems that the rule is setting the pool as the default pool for the session. How do I properly write this and is my understanding of what it's doing accurate?

 

3 Replies

  • goyogi's avatar
    goyogi
    Icon for Nimbostratus rankNimbostratus
    I think this post answers my question

     

    http://devcentral.f5.com/Default.aspx?tabid=53&aft=6751

     

     

  • Or just add a OneConnect profile to the virtual server. If you're using SNAT on the serverside, you can use the default OneConnect profile with a /0 source mask. If you're not doing source address translation on the serverside connection then create a custom OneConnect profile with a /32 source mask.

     

     

    http://devcentral.f5.com/wiki/AdvDesignConfig.ONECONNECT.ashx

     

     

    Aaron
  • goyogi's avatar
    goyogi
    Icon for Nimbostratus rankNimbostratus
    Thanks Aaron. I verified that works. We already are using oneconnect in production but not QA where we discovered this. I also like the idea of an explicit else statement and will play with the best way to approach it.