For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

cerpika_14370's avatar
cerpika_14370
Icon for Nimbostratus rankNimbostratus
Dec 11, 2009

URI based pool selection

I'm looking to build an iRule that selects a pool based on the URI. In this case the URI will always be 1 word, which makes this fairly straight forward. For example, the whole URL/URI will be

 

 

http://www.mysite.com/word1 or

 

http://www.mysite.com/word2

 

 

I'd like to build the iRule to not reference the pool by specific name, but by variable. That way, I can add pools in the future and not have to change the iRule. So is it possible to build the iRule to parse the URI, and just use the URI as the pool name to send the traffic to?

 

 

And if so, then my next question is, how can I control behavior if the URI does not exist as a name of a pool? For instance, if the client request is for http://www.mysite.com/word3, but I have no pool named word3, is it easy to build logic for handling that?

 

 

Thanks!

 

application delivery
dev
devops
iRules

1 Reply

  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Dec 11, 2009
    Hi,

    Try searching for 'uri pool select catch' in this forum to find a few examples. You can use catch (Click here) to handle errors where the iRule logic selects a pool name that doesn't exist.

    Here is an example that checks for a specific parameter value to get the pool name from the URI. The risk of this approach is that someone with knowledge of your pool names could force their request to be sent to any defined pool. You could validate the pool name in this section: 

     
     Check if a pool name was parsed from the URI 
    if {$pool_name ne ""}{

    By adding logic here: 

     
     Check if a pool name was parsed from the URI 
    if {$pool_name ne "" && $some_validation_check==1}{

    $some_validation_check==1 could be a check of the prefix of the pool name, a lookup using matchclass against a datagroup, or something else. 

     
 when HTTP_REQUEST { 
  
     Get the pool selector parmaeter value using URI::query 
    set pool_name [URI::query [HTTP::uri] "my_pool_selector_param"] 
  
     Log details of the request and the URI parameter which contains the pool info (ex: my_pool_selector_param) 
    log local0. "[IP::client_addr]:[TCP::client_port]: New [HTTP::method] request to [HTTP::host][HTTP::uri]\ 
       with param $pool_name" 
  
     Check if a pool name was parsed from the URI 
    if {$pool_name ne ""}{ 
  
        Try selecting the pool by name. Use catch to handle non-existent pool name. 
        Save any errors to $result 
       if {[catch {pool $pool_name} result]}{ 
  
           Pool name was not valid 
          log local0. "[IP::client_addr]:[TCP::client_port]: Tried $pool_name, but received error: $result" 
  
       } else { 
  
           Pool name was parsed and didn't trigger a runtime error 
          log local0. "[IP::client_addr]:[TCP::client_port]: Selected $pool_name" 
       } 
    } else  { 
  
        No pool name was parsed from the URI 
       log local0. "[IP::client_addr]:[TCP::client_port]: No pool name in URI" 
    } 
 }

    If this doesn't look close to what you were thinking, could you post more detail on your specific scenario?

    Thanks,

    Aaron