F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Robert_Richmond's avatar
Robert_Richmond
Icon for Nimbostratus rankNimbostratus
Aug 16, 2007

Wildcard VIP with iRule defining Port

  Thanks for taking the time to read this.     I am trying to load balance cisco secure traffic through a vip. And here are my options:     A) Create a separate VIP with a separate po...
application delivery
dev
devops
iRules
Robert_Richmond's avatar
Robert_Richmond
Icon for Nimbostratus rankNimbostratus
Aug 16, 2007
I used data group lists instead of classes and tweaked yours to the irule below (probably unnecessary, but a good excercise for a new irule-er). When I apply the rule, the vip is looking for both tcp and udp profiles to be applied (due to the matchclass statements). Being configured as a standard vip, this is not possible. Will I need to configure this as a 'Performance (Layer 4)' type vip with '*All Protocols' selected?

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

When a client is accepted, if the port matches a port in the corresponding protocol data_group_list then forward to the pool. Else discard.

 

 

when CLIENT_ACCEPTED {

 

if { [matchclass [UDP::local_port] equals $::ciscoSecureUDP ] or [matchclass [TCP::local_port] equals $::ciscoSecureTCP ] } {

 

pool acs.deloitte.com_Wildcard

 

} else { discard }

 

}

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

Thanks,

 

 

Rob