Using twi IRULE in the VS Wildcard

Question

Hello;
&nbsp;i want to use two IRULE in my VS Wilcard.
&nbsp;We have two ISP and we want to redirect trafic as bellow:
&nbsp;- VPN: to ISP01
&nbsp;- SNATting of some internal IPs to go through ISP01.
&nbsp;- Load balancing all other trafic between the two ISP (ISP01, ISP02)&nbsp;
&nbsp;Here is the two IRULE that i want to implement in the VS WildCard Forwarding IP:&nbsp;
&nbsp;IRULE01
&nbsp;-----------------------------------------------------------------
&nbsp;when CLIENT_ACCEPTED {
&nbsp;  if { [IP::protocol] == 50 } {
&nbsp;     pool POOL_ISP1
&nbsp;  } elseif { [UDP::local_port] == 500 } {
&nbsp;     pool POOL_ISP1
&nbsp;  } 
&nbsp;}&nbsp;
&nbsp;IRULE02
&nbsp;-----------------------------------------------------------------
&nbsp;when LB_SELECTED {
&nbsp;if { [IP::addr [IP::client_addr] equals 172.24.95.139 ] } {
&nbsp;snat 196.1.1.1
&nbsp;pool POOL_ISP1
&nbsp;} elseif { [IP::addr [IP::client_addr] equals 172.24.95.133 ] } {
&nbsp;snat 196.1.1.2
&nbsp;pool POOL_ISP1
&nbsp;} elseif { [IP::addr [IP::client_addr] equals 172.24.95.135 ] } {
&nbsp;snat 196.1.1.3
&nbsp;pool POOL_ISP1
&nbsp;} else {
&nbsp;snat automap
&nbsp;pool POOL_Gateway_ISP01
&nbsp;}}
&nbsp;-----------------------------------------------------------------&nbsp;&nbsp;
&nbsp;Is it possible to implement these two IRULEs in my VS Wildcard?
&nbsp;is the priority importante in my cas, i mean IRULE01 then IRULE02?&nbsp;
&nbsp;thank you&nbsp;

jrahm · Answer

Priority is not important in this case as the CLIENT_ACCEPTED event will always fire before the LB_SELECTED event.  There is no need to separate these functions into two rules.

faycal_29095 · Answer

thanks for your replay;
&nbsp;so if i understand, i wan apply only one IRULE in my VS Wildcard :&nbsp;
&nbsp;IRULE01---------------------------------------
&nbsp;when CLIENT_ACCEPTED {
&nbsp;if { [IP::protocol] == 50 } {
&nbsp;pool POOL_ISP1
&nbsp;} elseif { [UDP::local_port] == 500 } {
&nbsp;pool POOL_ISP1
&nbsp;} 
&nbsp;}
&nbsp;when LB_SELECTED {
&nbsp;if { [IP::addr [IP::client_addr] equals 172.24.95.139 ] } {
&nbsp;snat 196.1.1.1
&nbsp;pool POOL_ISP1
&nbsp;} elseif { [IP::addr [IP::client_addr] equals 172.24.95.133 ] } {
&nbsp;snat 196.1.1.2
&nbsp;pool POOL_ISP1
&nbsp;} elseif { [IP::addr [IP::client_addr] equals 172.24.95.135 ] } {
&nbsp;snat 196.1.1.3
&nbsp;pool POOL_ISP1
&nbsp;} else {
&nbsp;snat automap
&nbsp;pool POOL_Gateway_ISP01
&nbsp;}}
&nbsp;-----------------------------------------------------------------&nbsp;
&nbsp;you think that with this IRULE, the trafic of VPN and SNAT of internal Server pass through ISP01 ?&nbsp;
&nbsp;please confirm or if you have another suggetion for my case.
&nbsp;thanks&nbsp;&nbsp;&nbsp;

Forum Discussion

Using twi IRULE in the VS Wildcard

Recent Discussions

Can i apply ddos profile on virtual server using port range

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

ASM Export JSON - size Limit ?

SNI Sites not taking correct certificate.

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

Related Content

Using Tcl packages in iRules

iRules Heat Map - US Only

iRule http host with wildcard domain

Help with irule using switch

irule not redirect with wildcard.

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS