cancel
Showing results for 
Search instead for 
Did you mean: 

iRule for source IP based routing

Nestor_01_13242
Nimbostratus
Nimbostratus

Hello,

 

I am new to iRules. I need some help to write an iRule for source IP based routing. All our customers send their packets to the same IP address and the same Port so then our LTM will should forward those packets based to an specific IP with different port.

 

Every incoming IP should be forwarded to the permanent IP with different ports based on an specific iRules. Eg.

 

Incoming IP (a.b.c.d port x) --- Forward ---> Outgoing IP (p.o.i.u port y)

 

Incoming IP (q.w.e.r port x) --- Forward ---> Outgoing IP (p.o.i.u port z)

 

Thanks in advance

 

8 REPLIES 8

nitass
F5 Employee
F5 Employee

a.b.c.d:x/q.w.e.r:x is source ip:port, isn't it?

 

is p.o.i.u:y/p.o.i.u:z source ip:port or destination ip:port?

 

Nestor_01_13242
Nimbostratus
Nimbostratus

Hello,

 

a.b.c.d:x/q.w.e.r:x is source ip:port.

 

p.o.i.u:y/p.o.i.u:z is destination ip:port.

 

Matthieu_Dieric
F5 Employee
F5 Employee

Are U talking about pool selection ? I mean, do you want to select a specific pool or member depending on the incoming IP ?

 

Is this incoming IP the source IP for your LTM ? If yes, have a look : https://devcentral.f5.com/articles/irules-101-05-selecting-pools-pool-members-and-nodes

 

Actually, you can select the destination node (member) depending several things.

 

nitass
F5 Employee
F5 Employee

not sure if i understand correctly. does it seem destination ip and port translation based on source ip and port?

 

e.g.

 

ltm rule myrule { when CLIENT_ACCEPTED { if { [IP::addr [IP::client_addr] equals a.b.c.d] } { switch [TCP::client_port] { x { node p.o.i.u y } default { do something } } } elseif { [IP::addr [IP::client_addr] equals q.w.e.r] } { switch [TCP::client_port] { x { node p.o.i.u z } default { do something } } } else { do something } } }

Nestor_01_13242
Nimbostratus
Nimbostratus

Thank you very much Matthieu DIERICK and nitass.

 

I'll try your suggestions and I am going to let you know my results.

 

psavalam_195881
Nimbostratus
Nimbostratus

How to do this via network IP/mask and select pool ... think that is also doable isn't it. what would we be checking for this is the first link will browse for more.

 

nitass
F5 Employee
F5 Employee

How to do this via network IP/mask and select pool

 

IP::addr supports /mask option. is this what you are asking?

 

IP::addr

 

https://devcentral.f5.com/wiki/iRules.IP__addr.ashx

 

psavalam_195881
Nimbostratus
Nimbostratus

That is it.This is what I was looking for thank you Nitass.