cancel
Showing results for 
Search instead for 
Did you mean: 

F5 iRule for persistence with header and source address persistence as fallback

eLeCtRoN
Cirrus
Cirrus

Hello, 

I'm not so good in iRules, but maybe someone can give me some examples, I have an VS for more than one service with an iRule like this below 

when HTTP_REQUEST {
   if {[string tolower [HTTP::host]] starts_with "company.com"}{
      if {[string tolower [HTTP::uri]] starts_with "/human"}{
         pool "pool_human"
      } elseif {[string tolower [HTTP::uri]] starts_with "/body"}{
         pool "pool_body"
      } elseif {[string tolower [HTTP::uri]] starts_with "/dev"}{
         pool "pool_dev"
      }
   }
}

so now I want to integrate in this iRule a decision, for the /body should be an header persistence active, for example the request arrives with header1 it should persist to node1 in the pool_body and with header2 it should persist to node2 in the pool_body. If is header 1 and 2 not present he should use source address persistence as fallback persistence. Is that possible ? Could someone show me an example how could I the existing iRule extend with my requirement ? 

thx

kind regards

6 REPLIES 6

Hi @eLeCtRoN , 
I have a bit poor environment to test my script for you , so sorry for that. 

I have written this script for your case , Find it : 

when HTTP_REQUEST {
   if {[string tolower [HTTP::host]] starts_with "company.com"}{
      if {[string tolower [HTTP::uri]] starts_with "/human"}{
         pool "pool_human"
      } elseif { [string tolower [HTTP::uri]] starts_with "/body"}{ 
        if {[HTTP::header "xxx"] contains "header_1"}{
         pool "pool_body" member 10.10.10.10 80
      } elseif {[HTTP::header "xxx"] contains "header_2"}{ 
         pool "pool_body" member 10.10.10.20 80
      } else {
      pool "pool_body"
      persist source_addr 255.255.255.255 3600  
      }
      
       } elseif {[string tolower [HTTP::uri]] starts_with "/dev"}{
         pool "pool_dev"
      }
   }
}

> For "/body" conditions , I have added a new loop For pool members selections and persistence as well. 
> I assume you have a header "xxx" and should contain "header_1" or "header_2" to select one of pool_members 
( 10.10.10.10:80) or (10.10.10.20:80) are for examples to test the validity of my iRule script , you need to change both of them to " Pool_body" members ips and port , okay? 

> this line ( persist source_addr 255.255.255.255 3600 ) to make source address affinity persistence as a fallback ip the the first and second conditions fails , Mask " 255.255.255.255 " is to make persistence by ip not subnet , you can specify subnet if you need that , Also "3600" attribute means the duration that Big-ip stores the source ip in persistence record table . 

try it and give me your feedback , I will try to simulate this environment on my lab to see. 
> I recommend that you perform it in a test virtual server and take Packet capure to see if iRule does its job or not. 

Regards 

 

@eLeCtRoN , 

> The First iRule I sent , it depends on you have a specific header but has two values (header_1 & header 2 ) 
So persistence will take effect based on this. 

> But when I read you request now , I thind you meant by ( header_1 & header_2) that they are header names that coming in requests not values , So that I have modified it to this iRule script : 

when HTTP_REQUEST {
   if {[string tolower [HTTP::host]] starts_with "company.com"}{
      if {[string tolower [HTTP::uri]] starts_with "/human"}{
         pool "pool_human"
      } elseif { [string tolower [HTTP::uri]] starts_with "/body"}{ 
        if {[HTTP::header exists "header_1"] }{
         pool "pool_body" member 10.10.10.10 80
      } elseif {[HTTP::header exists "header_2"]}{ 
         pool "pool_body" member 10.10.10.20 80
      } else {
      pool "pool_body"
      persist source_addr 255.255.255.255 3600  
      }
      
       } elseif {[string tolower [HTTP::uri]] starts_with "/dev"}{
         pool "pool_dev"
      }
   }
}

 

Try it , also I am implementing a simulated Lab to test it. 
Hope it helps you. 

Ahmed69
Nimbostratus
Nimbostratus

The virtual server's Fallback Persistence Profile option allows the system to use only two persistence profiles: Destination Address Affinity (dest_addr) - Directs session requests to the same server based solely on the destination IP address of a packet. 

 

Price Chopper Employee Login

Hi @Ahmed69 , 
He needs it through iRule not by virtual server resources Fallback persistence. 
I have implemented it above. 
you can test it if you have such this scenario. 
Regards 

eLeCtRoN
Cirrus
Cirrus

Hi Mohamed,

thx for your example, I can test it in the end of this week. If I have an feedback for you I let you know.

kind regards

@eLeCtRoN , 
Thanks , I hope it work with you.