So the issue I was thinking of is resolved when using a OneConnect profile. If you don't use a OneConnect profile then you should explicitly set a pool in all cases if you specify a pool in any case. This is described in some detail in SOL9800:
SOL9800: Using an iRule to load balance HTTP requests to multiple pools
https://support.f5.com/kb/en-us/solutions/public/9000/800/sol9800.html (
Click here)
To reproduce the issue where a request goes to the last pool specified instead of the VIP's default pool (without a OneConnect profile enabled on the VIP), you can use a simple test rule which selects pool1 for requests which have pool1 in the path and does not specify another pool for non-matching requests:
when HTTP_REQUEST {
log local0. "[IP::client_addr]:[TCP::client_port]: New request to URI\
[HTTP::uri] (Request [HTTP::request_num] on this TCP connection)."
if {[HTTP::path] starts_with "/pool1"}{
log local0. "[IP::client_addr]:[TCP::client_port]: Matched /pool1 in URI, using irule_pool"
pool irule_pool
} else {
log local0. "[IP::client_addr]:[TCP::client_port]: iRule check didn't match [HTTP::uri], doing nothing"
}
}
when LB_SELECTED {
log local0. "[IP::client_addr]:[TCP::client_port]: Selected pool info: [LB::server]"
}
when SERVER_CONNECTED {
log local0. "[IP::client_addr]:[TCP::client_port]: Selected pool info: [LB::server]"
}
when SERVER_CLOSED {
log local0. "Selected pool info: [LB::server]"
}
Make three requests on the same TCP connection to /pool0, /pool1 and then /pool2, using curl on the LTM command line
$ curl '10.0.0.10/pool[0-2]'
No OneConnect (third request goes to the "wrong" pool)
: 10.10.10.10:3127: New request to URI /pool0 (Request 1 on this TCP connection).
: 10.10.10.10:3127: iRule check didn't match URI /pool0, doing nothing.
: 10.10.10.10:3127: Selected pool info: default_pool 2.2.2.2 80
: 10.10.10.10:3127: Selected pool info: default_pool 2.2.2.2 80
:10.10.10.10:3127: Selected pool info: default_pool 2.2.2.2 80
: 10.10.10.10:3127: New request to URI /pool1 (Request 2 on this TCP connection).
: 10.10.10.10:3127: Matched /pool1 in URI, using pool1 (irule_pool).
: 10.10.10.10:3127: Selected pool info: irule_pool 1.1.1.1 80
: Selected pool info: default_pool 2.2.2.2 80 (Server connection for first request is closed here)
: 10.10.10.10:3127: Selected pool info: irule_pool 1.1.1.1 80
: 10.10.10.10:3127: Selected pool info: irule_pool 1.1.1.1 80
: 10.10.10.10:3127: New request to URI /pool2 (Request 3 on this TCP connection).
: 10.10.10.10:3127: iRule check didn't match URI /pool2, doing nothing.
: 10.10.10.10:3127: Selected pool info: irule_pool 1.1.1.1 80
: Selected pool info: irule_pool 1.1.1.1 80
Note that the third request goes to the iRule pool even though you might expect it to go to the default pool on the virtual server as the iRule does not match the requested path. If you add a OneConnect profile, the default pool is used for the first and third requests, as you would probably expect.
Aaron