Forum Discussion

Jeff_Wyant_4852's avatar
Jeff_Wyant_4852
Icon for Nimbostratus rankNimbostratus
Feb 03, 2011

Route Traffic Based on Header Info

Problem:

 

 

I need to route traffic coming into a single virtual server, inspect the header info, and if the condition matches, send it to another pool while leaving traffic that doesn't match the condition in the original virtual server resource pool. The condition I'm trying to match against is shown in this packet capture: "X-Forwarded-For: 64.238.106.226, 216.66.8.30"

 

 

 

_________________________________________________________________________________________________

 

GET /imageserver/d_31167/w_92/h_69/np/2C3LA63H06H159009-8.jpg HTTP/1.1

 

Accept: */*

 

Referer: http://www.mysite.com

 

Accept-Language: en-us

 

UA-CPU: x86

 

User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; GTB6.6; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618; .NET4.0C)

 

X-Akamai-CONFIG-LOG-DETAIL: true

 

TE: chunked;q=1.0

 

Connection: TE

 

Accept-Encoding: gzip

 

Akamai-Origin-Hop: 2

 

Via: 1.1 v1-akamaitech.net(ghost) (AkamaiGHost), 1.1 akamai.net(ghost) (AkamaiGHost)

 

X-Forwarded-For: 64.238.106.226, 216.66.8.30

 

Host: api.cdmdata.m7z.net

 

Cache-Control: max-age=86400

 

Connection: keep-alive

 

_________________________________________________________________________________________________

 

 

 

Here is the iRules I've been trying:

 

 

 

when HTTP_REQUEST {

 

if { [HTTP::header "X-Forwarded-For"] contains "64.238.106.226" }{

 

pool mysite

 

}

 

}

 

 

when CLIENT_ACCEPTED {

 

if {[matchclass [HTTP::header "X-Forwarded-For"] contains "63.243.106.226"]} {

 

pool mysite member 10.1.1.1}{

 

log local0. "X-Forwarded-for redirect match 63.243.106.226."

 

}

 

}

 

 

 

Any Suggestions?

 

Thanks

 

-Jeff

 

 

 

 

application delivery
dev
devops
iRules

1 Reply

Sort By
  • Chris_Miller's avatar
    Chris_Miller
    Icon for Altostratus rankAltostratus
    Feb 03, 2011
    This rule assumes you change "default" below to the pool you'd like non-matching traffic to use. Also, you'll want to use OneConnect to ensure the HTTP info is evaluated and traffic is sent accordingly.

    More can be read about that here:

    http://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/114/OneConnect-For-my-iRule.aspx

    Finally, you can either make a list of addresses in a "class/data group" and check whether they exist, or you can specify them from within the rule. How many addresses do you have total to check? that can influence whether you go one way or the other. 

    
when HTTP_REQUEST {
    if { [HTTP::header "X-Forwarded-For"] contains "64.238.106.226" } {
         pool mysite }
   else { pool default }
    }