Forum Discussion

Kenny_Long_5159's avatar
Kenny_Long_5159
Icon for Nimbostratus rankNimbostratus
Oct 11, 2007

Send traffic to destination pool based on source IP address

Associates,

 

 

I have a virtual server that is tied to a pool (WebServers) that has one "real" member. Then I have a second pool (Testweb) with a different "real" member.

 

 

I would like to direct traffic to the different pools based on source IP address when going to the webserver (just HTTP). One particular IP address goes to one pool and the rest of the Internet goes to another.

 

 

This is what I have come up with, but I dont have the ability to test it at the moment. Will someone evaluate it and correct it (if needed)? Thanks.

 

 

when CLIENT_ACCEPTED {

 

 

if {[IP::client_addr] == "10.0.150.1" && [TCP::local_port] == 80} {

 

 

pool Testweb

 

 

}

 

 

else {

 

 

pool WebServers

 

 

}

 

 

}

 

 

application delivery
dev
devops
iRules

4 Replies

Sort By
  • dennypayne's avatar
    dennypayne
    Icon for Employee rankEmployee
    Oct 12, 2007
    Looks like it will work fine, but I think you will need to use "equals" rather than == and maybe "and" instead of && as well for it to compile (not 100% on that since I'm not on a live box at the moment either). But the logic is OK.

     

     

    Denny
  • Kenny_Long_5159's avatar
    Kenny_Long_5159
    Icon for Nimbostratus rankNimbostratus
    Oct 12, 2007
    Thanks for the response. Because the Virtual Server I applied this to is only port 80 I dropped the && for port 80 from this iRule.

     

     

    This is the code I used:

     

     

    when CLIENT_ACCEPTED {

     

    if { [IP::addr [IP::client_addr] equals 10.0.150.1] }

     

    {

     

    pool Testweb

     

    }

     

    else {

     

    pool WebServers

     

    }

     

    }

     

     

    I applied this to the applicable Virtual Server under Resources. I tested this and it worked great.
  • pjain_72429's avatar
    pjain_72429
    Icon for Nimbostratus rankNimbostratus
    Oct 17, 2007
    How can this be implemented for

     

     

    1) whole subnet e.g. 10.0.x.x

     

     

    2) multiple subnet

     

     

  • Juha_Suominen_3's avatar
    Juha_Suominen_3
    Icon for Nimbostratus rankNimbostratus
    Oct 17, 2007

     

    Im not an expert, but

     

     

    1) I think you can specify both network and netmask. Eg. 10.10.0.0/255.255.0.0 in the example above.

     

     

    2) Lots of if/elseif clauses or use datamaps to specify networks and loop trough it with matchclass

     

     

    class subnets {

     

    10.10.1.0/255.255.255.0

     

    10.10.4.0/255.255.255.0

     

    }

     

     

    if { [matchclass [IP::client_addr] equals $::subnets] } ....