redirecting all TCP and all UDP to different servers and routes

Question

Hi , &nbsp;
&nbsp;Appreciate the devcentral site , got a lot of good iRules samples from the tuorials and was implementing a setup for a customer. Basically it's a bunch Compression server for internet traffic.&nbsp;
&nbsp;Question , i'm not very familiar with iRules and managed to get one from your site , modded it a bit till i got this :&nbsp;
&nbsp;rule Redirect_Server_Pool {
&nbsp;   when CLIENT_ACCEPTED {
&nbsp;if { [IP::addr [IP::client_addr] equals 0.0.0.0] } {
&nbsp;pool server_pool
&nbsp;}&nbsp;
&nbsp;It all works fine , all traffic hitting the LB will be routed to server pool (had to use iRules as customer was LB'ing links rather than servers).&nbsp;
&nbsp;Now , i'm required to filter based on TCP or others. It's simple enough if it's a specific port as i could [TCP::port XX] but how do you select all TCP ports then filter others out ? I guess the pseudocode of the new modded rule would be :&nbsp;
&nbsp;rule Redirect_Server_Pool {
&nbsp;    when CLIENT_ACCEPTED {
&nbsp;if { port is TCP )&nbsp;
&nbsp; Reusing old code &nbsp;&nbsp;rule Redirect_Server_Pool {
&nbsp;   when CLIENT_ACCEPTED {
&nbsp;if { [IP::addr [IP::client_addr] equals 0.0.0.0] } {
&nbsp;pool server_pool
&nbsp;}&nbsp;
&nbsp; Reusing old code &nbsp;
&nbsp;else (if other types UDP , GRE ,ESP)
&nbsp;{ forward to another pool }&nbsp;
&nbsp;end&nbsp;
&nbsp;Appreciate any help. Thanks

deb_allen_18 · Answer

The best way would be to create protocol-specific virtual servers, one specifying protocol UDP and one specifying TCP. Since SCTP is the only other supported transport protocol for Standard VS, if you want to specify VS for others, you'd have to be using a Forwarding VS, rather than Standard VS LBing to a pool.&nbsp;
&nbsp;I am curious as to why an iRule is required -- looks like you are testing for client address but you want to match all &amp; then just pick a pool?  That's what a standard virtual server without an iRule does...&nbsp;
&nbsp;/deb&nbsp;&nbsp;

harris_hassan_3 · Answer

Thanks a lot for the reply , much appreciated. I could post a visio document of flow but dunno if it's allowed in here. Only private IP's are shown so not much of a security issue i guess.&nbsp;
&nbsp;The problem is , we did make the standard Virtual server for the setup. But traffic just wouldn't flow to the servers. Added in the rule an it works. &nbsp;
&nbsp;Thanks &nbsp;
&nbsp;Maybe i'll draw up a simple flow on word for use.

harris_hassan_3 · Answer

Was thinking about your reply , while traffic flow still can't be done without iRules , the TCP/ UDP separation can. &nbsp;
&nbsp;I could either seperate the pools into one for UDP / TCP , or seperate the VS's into one for TCP / UDP. Since the system is not live yet , i'll give my customer a call and check if it works.&nbsp;
&nbsp;Thanks for the tip

harris_hassan_3 · Answer

Alrite , tested out by seperating the VS. Didn't work as a standard VS as expected , but managed to get the setup running via a wildcard VS. Thanks

deb_allen_18 · Answer

Excellent, glad to help

Forum Discussion

redirecting all TCP and all UDP to different servers and routes

5 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Anchor Link Redirect

Copper SFP Differences

Provide Content of different Webapps with one Virtual Server

Server monitoring - some differences between BIG-IP and NGINX

Server Profile SNI