cancel
Showing results for 
Search instead for 
Did you mean: 

How to Create IRule to divert traffic between Pools based on XFF Header

Raunak_Tiwari
Nimbostratus
Nimbostratus

Hello Everyone,

 

I am facing issue with my Irule, Natted Traffic is coming from Imperva WAF and i have take value Value of XFF Header to redirect traffic to specific pool.

 

I am receiving HTTPs traffic and i have also enabled SSL Interception on F5 LTM.

 

IRule that i am using.

when HTTP_REQUEST {

if { [HTTP::header "X-FORWARDED-FOR"] equals "<DataGroupName>" } {

pool Federation-ACC-444

} else {

pool Federation-ACC-443

}

}

 

Could you help me how i can proceed further, because above IRule is not working.

 

1 ACCEPTED SOLUTION

Hi Raunak Tiwari,

 

You should use "class match" for datagroup compare

when HTTP_REQUEST { if { [class match [HTTP::header "X-FORWARDED-FOR"] equals <DataGroupName>] } { pool Federation-ACC-444 } else { pool Federation-ACC-443 } }

https://clouddocs.f5.com/api/irules/class.html

View solution in original post

2 REPLIES 2

Hi Raunak Tiwari,

 

You should use "class match" for datagroup compare

when HTTP_REQUEST { if { [class match [HTTP::header "X-FORWARDED-FOR"] equals <DataGroupName>] } { pool Federation-ACC-444 } else { pool Federation-ACC-443 } }

https://clouddocs.f5.com/api/irules/class.html

Raunak_Tiwari
Nimbostratus
Nimbostratus

Dear Eaa,

 

Thanks For your help,

 

Small change i have done in IRule.

 

0691T000009hw73QAA.png

I have used Incap-Client-IP at place of XFF Header.

 

Imperva supports both headers but in my situation it was using Incap-Client-IP

 

https://support.incapsula.com/hc/en-us/articles/200627650-Detection-and-Location-of-Real-Source-Clie...