cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

iRule for static traffic distribution

miodas
Nimbostratus
Nimbostratus

Hello @LL

 

Me and my colleague we manage to write this iRule and it looks like its working so far :

when HTTP_REQUEST {  if { [IP::addr [IP::client_addr] equals 192.168.199.251] } {     if { [LB::status pool pool_crm_prod_https member 192.168.199.163 443] ne "down" } {          pool pool_crm_prod_https member 192.168.199.163 443          # Exit this event from this rule          return       } elseif {[LB::status pool pool_crm_prod_https member 192.168.199.186 443] ne "down" } {          pool pool_crm_prod_https member 192.168.199.186 443          # Exit this event from this rule          return        }  } elseif  { [IP::addr [IP::client_addr] equals 192.168.199.252] } {      if { [LB::status pool pool_crm_prod_https member 192.168.199.186 443] ne "down" } {          pool pool_crm_prod_https member 192.168.199.186 443          # Exit this event from this rule          return       } elseif {[LB::status pool pool_crm_prod_https member 192.168.199.163 443] ne "down" } {          pool pool_crm_prod_https member 192.168.199.163 443          # Exit this event from this rule          return        }   } elseif { [string tolower [HTTP::uri]] starts_with "/isvroot/" } {                                 pool pool_crm_prod_8888  } elseif { [string tolower [HTTP::uri]] starts_with "/isvroot2/" } {                                 pool pool_crm_prod_9999  } else {                                 pool pool_crm_prod_https  } }  #Default to load balancing all users #when HTTP_REQUEST {  # if { [string tolower [HTTP::uri]] starts_with "/isvroot/" } { # pool pool_crm_prod_8888 } #    elseif { [string tolower [HTTP::uri]] starts_with "/isvroot2/" } { #                pool pool_crm_prod_9999 } # else { # pool pool_crm_prod_https } #}

We were able to test it in our small test environment.

 

Recently customer decided that they need to add another servers and our test environment doesn't have option to test new iRule.

We want to force LB to statically distribute traffic this way :

wcf1 192.168.199.251 --> crm1 192.168.199.176

wcf2 192.168.199.252 --> crm2 192.168.199.163

wcf3 192.168.199.30 --> crm3 192.168.199.186

If it comes to VIP setup :

443/HTTPS

default persistence - cookie

fallback persistence - source addr

 

Can anyone tell me if this will work :

 

when HTTP_REQUEST {  if { [IP::addr [IP::client_addr] equals 192.168.199.251] } {     if { [LB::status pool pool_crm_prod_https member 192.168.199.176 443] ne "down" } {          pool pool_crm_prod_https member 192.168.199.176 443          # Exit this event from this rule          return       } elseif {([LB::status pool pool_crm_prod_https member 192.168.199.163 443] ne "down") or ([LB::status pool pool_crm_prod_https member 192.168.199.186 443] ne "down") } {          pool pool_crm_prod_https          # Exit this event from this rule          return        }  } elseif  { [IP::addr [IP::client_addr] equals 192.168.199.252] } {      if { [LB::status pool pool_crm_prod_https member 192.168.199.163 443] ne "down" } {          pool pool_crm_prod_https member 192.168.199.163 443          # Exit this event from this rule          return       } elseif {([LB::status pool pool_crm_prod_https member 192.168.199.176 443] ne "down") or ([LB::status pool pool_crm_prod_https member 192.168.199.186 443] ne "down") } {          pool pool_crm_prod_https          # Exit this event from this rule          return        }   } elseif  { [IP::addr [IP::client_addr] equals 192.168.199.30 ] } {      if { ([LB::status pool pool_crm_prod_https member 192.168.199.186 443] ne "down") } {          pool pool_crm_prod_https member 192.168.199.186 443          # Exit this event from this rule          return   } elseif {([LB::status pool pool_crm_prod_https member 192.168.199.163 443] ne "down") or ([LB::status pool pool_crm_prod_https member 192.168.199.176 443] ne "down") } {          pool pool_crm_prod_https          # Exit this event from this rule          return        }   } elseif { [string tolower [HTTP::uri]] starts_with "/isvroot/" } {                                 pool pool_crm_prod_8888  } elseif { [string tolower [HTTP::uri]] starts_with "/isvroot2/" } {                                 pool pool_crm_prod_9999  } else {                                 pool pool_crm_prod_https  } }  #Default to load balancing all users

 

 

 

 

 

0 REPLIES 0