Forum Discussion
AltostratusWhat is proper way to stop irule processing when F5 is behind Akamai CDN
Hi guys,
I am adapting current iRules to be "compatible" with Akamai CDN. My current challenge is how to replace properly drop, reject or event disable.
Any safe way to close HTTP session and disable irules processing for it, without closing TCP connection?
Currently I am focusing on HTTP::redirect and "if/then" flag that irule need to be skipped.
when HTTP_REQUEST {
if { $HTTP_Request_State eq "Continue" } {
Do Something
}
}
But will be cool if there is other way, for some vhost we have more than 10 rules...
2 Replies
- Kai_Wilke
MVP
Hi Joe,
instead of using variables to deactivate certain script blocks, you could disable further iRule processing by using
followed by an[event disable all]
to stop the current iRule. To reenable the events again you have to eitherreturn
the connection or configure an LTM Policy which reenables the iRule processing on each subsequent HTTP request.TCP::closeLTM Policy Condition:
- Every request
LTM Policy Action:
- Target: TCL
- Event: request
- Action: set-variable
- Name: dummy_var
- Expression: [event enable all]
Cheers, Kai
Hannes_RappNimbostratus
Any HTTP requests routed via Akamai CDN come with "Via" Header that contain 'akamai' sub-string in it. Therefore, for HTTP services you can use my iRule as a starting point. You can similarly just start with the functionality right after the Via header value check, but if you have more bypass conditions, such as some monitoring server IPs, using a variable could make your code look better visually.
I use similar logic
when HTTP_REQUEST { set byPass 0 if { [HTTP::header value "Via"] contains "akamai" }{ Replace akamai with llnw if you use Limelight set byPass 1 } if { $byPass == 0 }{ Do whatever you want here } }
