Multiple port monitoring on LTM
I need help to write an iRule which helps to monitor three different service ports running on member server. I have a web-server which accept connections on port 5555 but internally this service depends on service port 8024 or 8026. F5 should monitor all these three ports but bring down node when both 8024 and 8026 stop responding. Member web server should remain UP till either of service port 8024 or 8026 responding well. Same time I want active monitoring on port 5555 which means if port 5555 stop responding, member server status should be Down irrespective status of port 8024 and port 8026. Port 5555 support https and rest two ports HTTP. Thanks, Mihir
Irule to resolve pool members dns names over the Internet.
Hi Guys How to create an Irule, which resolves the pool members dns ip's? without specifically inputting the specific dns entry of the pool members? In a nutshell, i want to create an irule, which resolves the pool members dns ip's, without mentioned their dns entries? RegardsiRule to block string in header and display blocking page
I am wondering if I can create an iRule to block a request if a certain string appears anywhere in the header. For example, it would be something like... when HTTP_REQUEST { if { [HTTP::header "User-Agent"] contains "test1234" } { drop return } } Except I would not want the block to be limited to the User-Agent. I would want it to be blocked no matter where "test1234" appeared in the header. A follow-up to that would be if I can also have this iRule display the blocking page with a SupportID. I would like those testing to be able to have visual confirmation to see it worked and so they can easily share it with others.
Use iRule to SNAT based on Destination IP address without using a SNAT Pool.
I've seen an answer for a similar question on here, but the solution was to use a SNAT pool. Here's my situation: ServerA that needs to reach out to an external IP address. ServerA is in a SNAT pool already with two other servers. The other two servers cannot have access to this external IP address ServerA cannot be added to a second SNAT pool. So what I was hoping to do was to be able to write an iRule (or preferably apply a Local Traffic Policy) that would SNAT traffic from ServerA to a specific IP address when it is going to this particular external IP address. Any suggestions? Thanks.
Redirect on multiple conditions URI & Query
Hi Guys, This is my first time at DevCentral. I need help. The requirement are when f5 see URI ( https://abc.xyz.com/shop/window.yes) and query (car=true) then redirect to url (https://abc.xyz.com/shop/door.yes?car=ture) if query car=false do nothing. means if some try https://abc.xyz.com/shop/window.yes?car=ture url should redirect to https://abc.xyz.com/shop/door.yes?car=ture here is a irule what I am using but it is not working, can someone tell me what is wrong. when HTTP_REQUEST { if { [string tolower [URI::query [HTTP::uri] "cart" ] ] equals "true" } { switch -glob [string tolower [HTTP::path]] { "/shop/window.yes*" { HTTP::redirect "[HTTP::host]/shop/door.yes?[HTTP::query]" } } } }User ID based pool selection
hi there! I am trying to write one iRule to select the pool based on user ID. For example, when the user tries to login, grab the ID of test1@example.com and send to pool1 and for other user ID test2@example.com send to pool2. Essentially, after successfully logged in have tried to save the user ID in the table. However, the issue is when test1 logs in, test2 cannot login. Not sure what I am doing wrong. Is there any limitation on table? I assumed it should be session based when used from different browsers. Any help on this will be highly appreciated. F5 version: 12.1 Cheers. Best regards Hyderdelegate _xmpp-client._tcp.domain.com to GTM and let the GTM to resolve to (A) record hosted on BIND.
I am trying to get iRule to work for servicing SRV records for _sipinternaltls._tcp.domain.com and _xmpp-client._tcp.domain.com, which are delegated to the GTM from the dns server running BIND. ERROR: 01070151:3: Rule [/Common/srvtest1_irule] error: /Common/srvtest1_irule:9: error: [undefined procedure: DNS::answer][DNS::answer insert "[DNS::question name]. $ttl IN [DNS::question type] 1 0 5223 xmpp1.domain.net."] /Common/srvtest1_irule:14: error: [undefined procedure: DNS::additional][DNS::additional insert "xmpp1.domain.net. $ttl IN A 1.1.1.1"] /Common/srvtest1_irule:17: error: [undefined procedure: DNS::return][DNS::return]
LTM OneConnect Profile for short API http request
We have some client using API calls to our servers and they are short live request, these web servers are not browsable they just serve API. We have notice request rate is very high which i am seeing 900 TLS almost and i have notice our Web (apache) getting timeout sometime because of very high connection rate on webserver on netstat i am seeing thousands of TIME_WAIT so definitely my server running out of resources even server CPU load is 1% or 2% We are thinking to use OneConnect Profile but not sure its going to benefit us or not and how? I read about OneConnect profile but i am little confused and need some advice how we should utilize it. Question: If we use OneConnect does that means it will open only few connection to server right? We are using Auto Map SNAT so what will be impact on OneConnect Profile also we are using XFF feature to extract client IP. What if we disable HTTP 1.1 on apache webserver which will close connection faster in that case how does OneConnect profile behave? for test i have enabled oneconnect profile on our Dev LTM and send some http request from multiple but i am seeing its opening individual connect to server and not bundle them in single connection (We are using Mask 0.0.0.0) is that how openconnect works?iRule Redirection
This is a redirection rule from https://xyz.co.uk to https://abc.co.uk But only 1 in 10 requests should redirect initially. Follwing is the iRule I have implemented but it gets redirected even in 20th and 23rd attempts as well . I need exactly 1 in 10 requests to be redirected. Can someone please help ? when RULE_INIT { set static::cookie_name "abc-stg" ; set static::threshold 10 ;} when HTTP_REQUEST { set cookie_value -1 if {[HTTP::cookie exists $static::cookie_name]} { set cookie_value [HTTP::cookie value $static::cookie_name] if {![regexp {^\d+$} $cookie_value]} { set cookie_value -1 } elseif {$cookie_value < 0 || $cookie_value > 99} { set cookie_value -1 } } if {$cookie_value == -1} { set cookie_value [expr {int(rand()*100)}] HTTP::cookie insert name $static::cookie_name value $cookie_value } if {$cookie_value < $static::threshold} { HTTP::redirect "; } }