cancel
Showing results for 
Search instead for 
Did you mean: 

iRule help for Single Node/URL Persistance across Pool.

Harry_Singh_105
Nimbostratus
Nimbostratus

Admitedlly, I have little to no experience with iRule creation. I've persued the vast amount of information on the site, and truthfully it will take me a while to get comfortable with iRules, but deadlines are deadlines.

 

I need help creating an iRule that will allow anyone (outside of the network) attempting to request a specific URL string (i.e https://site.company.com/connect/login.aspx) to pass through the load balancer to the pool of webservers and communicate to only 1 of the webservers in said pool.

 

 

https://site.company.com is available publicly, but a 3rd party vendor has installed a plugin on one of the webservers and needs constant communication to this URL string for polling/uptime data. I'm confident this is something I can do with the F5-1500's i currently have and really don't want to blow a public IP just for this purpose.

 

 

As always, your help would be greatly appreciated. Also, for any MVP or iRule rockstar who is interested in some side work regarding the my F5, contact me offline or send me a direct message.

 

 

Best,

 

 

Harry.

 

15 REPLIES 15

What_Lies_Bene1
Cirrostratus
Cirrostratus
OK, so we can identify that client based on the URI requested? If not, how can we?

Harry_Singh_105
Nimbostratus
Nimbostratus

Thanks for the reply Steve.

 

 

I've spoken with the 3rd party vendor and they have indicated that they initiate the traffic/request from their web farm over port 80. They need direct access to a sub-virtual directory installed on 1 of the webservers which is part of a pool that is already serving up pages both internally and externally.

 

The main page that everyone is using right now is https://site.company.com.

 

The new page that the vendor needs direct communication with is https://site.company.com/connect/login.aspx.

 

 

The /connect virtual directory and respective files only exists on 1 of the webservers (in a pool of 5).

 

I'm stuck with creating the right syntax to forward, if you will, anyone requesting that specific URL to direct that request to the one weberver and of course that webserver talking back out.

 

 

I hope that makes sense and if you need specific information about my config, let me know.

 

 

Harry.

 

What_Lies_Bene1
Cirrostratus
Cirrostratus
OK, no problem, thanks. This should do it;

 

when HTTP_REQUEST { if { [string tolower [HTTP::uri]] equals "/common" } { pool ‘pool_name’ member x.x.x.x XX } }

Harry_Singh_105
Nimbostratus
Nimbostratus
Thanks steve!

 

 

I suppose if the request comes in as HTTPS, i would change the HTTP references accordingly ?

What_Lies_Bene1
Cirrostratus
Cirrostratus

You're welcome. Are you terminating the SSL? If so, no change is required. If not, the iRule won't work anyway.

 

Harry_Singh_105
Nimbostratus
Nimbostratus
By terminating SSL, do you mean if I've installed the certificates on the F5? Now that I type it out, yes SSL terminates at the f5.

Harry_Singh_105
Nimbostratus
Nimbostratus
FWIW, I have two separate pools setup one for http and https for the same set of webservers.

What_Lies_Bene1
Cirrostratus
Cirrostratus
OK, that's cool. The same iRule will work with both Virtual Servers no problem, no need to change anything as long as a HTTP profile is assigned to both.

Harry_Singh_105
Nimbostratus
Nimbostratus
Thanks Steve. Both VS's are using the same HTTP profile. I will look to apply the configured iRule in place right now. Thanks again for your prompt replies.

What_Lies_Bene1
Cirrostratus
Cirrostratus
Great. You're very welcome.

Harry_Singh_105
Nimbostratus
Nimbostratus
Steve - to confirm I should replace the '/common' with the virtual directory which needs to be polled correct ? I shouldn't replace the /common with the entire URL string right ?

nitass
F5 Employee
F5 Employee
to confirm I should replace the '/common' with the virtual directory which needs to be polled correct ? I shouldn't replace the /common with the entire URL string right ?if it is not full url, i think you should use "starts_with" or "contains" instead of "equals".

What_Lies_Bene1
Cirrostratus
Cirrostratus
Good point Nitass, thanks. Harry, yes, replace /common with whatever the URI is (the URL without the FQDN). So, using the information in your first post;

 

when HTTP_REQUEST { if { [string tolower [HTTP::uri]] equals "/connect/login.aspx" } { pool ‘pool_name’ member x.x.x.x XX } }

What_Lies_Bene1
Cirrostratus
Cirrostratus
And if the URI could change;

 

when HTTP_REQUEST { if { [string tolower [HTTP::uri]] starts_with "/connect/" } { pool ‘pool_name’ member x.x.x.x XX } }

Harry_Singh_105
Nimbostratus
Nimbostratus
Thanks to all. To any future readers who come across this post, the "starts_with" parameter worked best in my scenario.