What to do after HTTP::respond ?

As a general rule, a LTM Local Traffic Policy should be preferred over iRule for performance reasons. In case of maintenance iRules/Policies, instead of serving all the static content from BigIP, I'd recommend issuing a 302 temp redirect to a specialized splash/maintenance service that is managed by the application owners, not middleware admins.

Hi Hannes, thank you for your response. Will an event disable then trigger a stop of the irule processing? (like return does)

No, you don't need to use return to stop iRule processing. It serves no use.

'event disable' stops processing of the event (HTTP_REQUEST) in this, and all other iRules attached to VS. Unlike with 'event disable all', it does not stop processing of other events in this, or any other iRule.

Hey Hannes,

I would rather buy a stronger LTM unit before moving to LTM policies. The problem of LTM Policies is still that the functionality is somewhat limited. You may just try to rebuild the simple Maintenance iRule posted here by NiHO. Good luck! 😉

(at)NiHo: You need to keep the return command to abort the current iRule. event disable or event disable all will just disable further iRule processing after the current iRule has been completed.

Cheers, Kai

Hello Kai,

Yes, it's a quite nasty iRule indeed. I used to do similar iRules for maintenance a few years ago. Now I realize F5 doesn't need to be a dumpster of HTML pages and static images just because the functionality is there. It's best to just collaborate with apps team to migrate any maintenance HTML and static content to Apache/NIX (or better yet, CDN).

If he could do the above, moving to a Local Traffic policy will no longer be that difficult. I do agree with you that iRules are still needed. They even took some LTM policy functionality out since v12, instead of adding any new :(

@Kai & @Hannes , thank you for your help! I decided to go with a global variable $response_issued to keep track if something is already sent. A lot more performant and easier than those connection closures!

Have a nice weekend!

@NiHo: You're welcome and have a nice weekend too!

@Hannes: I'm fine with your decission to redirect the stuff to somewhere else. But keep in mind that is has still certain benefits to keep the browsers on-site and display a temporary errorpages as needed. Hell yeah, it cost some CPU cycles, but in the end its worth every cent...

Cheers, Kai

Never expected I'd be able to shaken your belief in iRule solutions :)

Apart from perf, there's another point. If you use complex iRules, you will need to hire guys who have proficiency in iRules, i.e. Kai Wilke. That will rob you a lot of cents. If you use basic iRules, you can cope with your "Cisco CCNA" guys who will work for a warm lunch.

Hi Hannes,

If you want to safe additional money, then take a look to Kemp Loadbalancers. They can pretty much compete with pure LTM Policies ;-)

But you're right, even the Gartner Group has pointed out that:

• F5 has a very deep set of functionalities, but many customers do not fully leverage the platform's capabilities. (Source: Gartner Report)

... but if you want to leverage them and even hire external consultants...

• F5's APIs, scripting and integration capabilities often result in a series of lock-in features for F5 customers. (Source: Gartner Report)

... I will be most likely get a lock-in too. But I'm very glad that at least my customers telling me that I'm worth every cent they spent... ;-)

Cheers, Kai