Forum Discussion

PG0581's avatar
PG0581
Icon for Cirrus rankCirrus
Nov 05, 2020

iRule to load balance FDQNs

I'm wondering if it's possible to have an iRule load balance (round-robin) between FQDNs. Here's the idea:

You would have a virtual server with no pool and use an iRule to redirect to a couple FQDNs:

 ltm virtual abcd {
  destination x.x.x.x:https
  ip-protocol tcp
  mask 255.255.255.255
  persist {
    source_addr {
      default yes
    }
  }
  rules {
    forward-fqdn
  }
  source 0.0.0.0/0
  translate-address enabled
  translate-port enabled
  vs-index xxx
}

And the iRule could look something like this; would need to iron out the exact syntax - but I'm not sure if/how you could have the iRule round robin between the FQDNs?

ltm rule forward-fqdn {
when HTTP_REQUEST {
    HTTP::redirect "https://www.abc.com"
    HTTP::redirect "https://www.def.com"
  }

application delivery
BIG-IP
iRules

2 Replies

Sort By
  • jaikumar_f5's avatar
    jaikumar_f5
    Icon for MVP rankMVP
    Nov 06, 2020

    This is a weird requirement 🙂 What exactly are you trying to achieve with this. Just trying to understand the requirement/criteria here.

    Round robin inside the Irule is not possible as far I know, but with the rand operator you'll get random numbers. So this will drive certain users to abc & others to def

    when HTTP_REQUEST {
set random [expr int(rand()*100)]
if { $random < "50" } {
HTTP::redirect "https://www.abc.com"
} else {
HTTP::redirect "https://www.def.com"
}
}
  • PG0581's avatar
    PG0581
    Icon for Cirrus rankCirrus
    Nov 06, 2020

    It is a weird requirement 🙂 So the pool members this traffic is being sent to is setup on a proxy server:

    1.1.1.1 is configured with a vhost and would proxy you to 3.3.3.3:443

    2.2.2.2 is configured with a vhost and would proxy you to 4.4.4.4:443

    We wanted to use 1.1.1.1 and 2.2.2.2 as the pool members, but, the way the user had this set up was if you navigated to the IP of the server for example:

    https://1.1.1.1
https://2.2.2.2

    This would take you to the default webserver and not to the hosts we wanted to connect to; being 3.3.3.3 and 4.4.4.4. The way they had this configured was to reach it by FQDN and also wanted it load balanced.

    Hopefully I explained that so it makes some sense 🙂 and thanks for your solution. They wound up changing some things on the server side so we thankfully don't need to use an iRule.