Why do we need to use [IP::addr [IP::client_addr]]?

[IP::addr] - Performs comparison of IP address/subnet/supernet to IP address/subnet/supernet.

In the example they are asking if incoming Client IP Address is contained within any of the listed subnets, then send that traffic to a specific pool, not the one tied to the Virtual Server:

[IP::addr [IP::client_addr]]/24 equals xxx.xxx.xxx.xxx][

The Wiki Entry has some good examples: http://devcentral.f5.com/Wiki/default.aspx/iRules.IP__addr

I was looking for a post from unRuleY which had more detail, but couldn't find it. I believe IP::addr does a more efficient byte comparison than you could do with a string comparison. And as Michael points out, IP::addr allows you to do CIDR comparisons that you couldn't easily do with string operations.

 

 

Aaron

Posted By hoolio on 06/24/2010 11:18 AM

 

I was looking for a post from unRuleY which had more detail, but couldn't find it. I believe IP::addr does a more efficient byte comparison than you could do with a string comparison. And as Michael points out, IP::addr allows you to do CIDR comparisons that you couldn't easily do with string operations.

 

 

Aaron

 

 

Most of my comparisons are comparing client_addr or server_addr to address-type datagroups which contain both networks and hosts...is there any benefit to using [IP::addr[IP::server_addr]] or should I just save myself the characters?

I expect [IP::addr $ip] would return 1 if $ip was an IP address and a runtime error if it's not. So I don't see any reason to use that. Running a class command (class, matchclass, etc) with an IP address/network against an address type datagroup should use a byte comparison and be more efficient than a string comparison.

 

 

Aaron

Just an FYI, most efficient format for comparison is

 

 

[IP::addr [IP::client_addr] equals xxx.xxx.xxx.0/24]

Hey Jason,

 

 

Thanks again for all of your testing and the article for this!

 

 

Aaron