Forum Discussion
karlg_49229
Nimbostratus
NimbostratusUDP DST Port Range Load Balancing Rule
There is no TCP connection associated with these packets - it is raw UDP only, between port ranges 9000 to 9100 on the DST side, and targeted to a particular IP address.
Can I humbly ask the advice of an iRule expert for the rule syntax? We tried a few and so far no luck.
Best,
Karl G.
3 Replies
hoolioCirrostratus
Hi Karl,
Do you want to allow UDP packets destined for ports 9000 - 9100 and block all others? If so, you can create a virtual server with either a UDP profile or a Performance L4 virtual and use an iRule like this:when CLIENT_ACCEPTED { if {[UDP::local_port] >= 9000 and [UDP::local_port] <= 9100}{ Allow } else { Send the client a reset reject } }
Aaron- hoolioGreat. For performance, it would be a lot more efficient to use a PerfL4 VS.
Aaron 
Al_7601Hi Aaron,
I work with Karl and I am trying to figure out if something I am seeing is because of this rule or something else. Along with this rule, we have a pool on the Virtual Server. The issue I am seeing is that even if I remove the first server in the pool and hope to see traffic only going to the second and third, traffic still makes it to the first server. I also disable the node and still see traffic to this first server. What do you think can be going on?
Best Regards,
Al
