Forum Discussion

Mike_Maher's avatar
Mike_Maher
Icon for Nimbostratus rankNimbostratus
Nov 11, 2013

Working with POLICY::rules in 11.4.1

I am trying to move an iRule from 11.2.0 where I am using HTTP_CLASS_SELECTED and HTTP::class and make it work using POLICY::rules.

Here is what I am using currently in 11.2.0 that is working fine.

when CLIENT_ACCEPTED {
      set retries 0
   }

when HTTP_CLASS_SELECTED {

    if {[HTTP::class] eq "/Common/hqdesktop-securera-8000_class"}{

  set backup_pool PHX-hqdesktop-8000.edwardjones.com_pool
             }

 if {[HTTP::class] eq "/Common/desktop-securera-8000_class"}{

  set backup_pool PHX-desktop-8000.edwardjones.com_pool 

       } 

 }

   when LB_FAILED {
      if { $retries < [active_members $backup_pool] } {
         LB::mode rr
         LB::reselect pool $backup_pool
         incr retries
      }
   }

Here is what I am trying to move to on 11.4.1, and I thought at one time I had it working but now when I try and apply it to the Big-IP I get the message: [wrong args] [POLICY::rules]. Any help would be appreciated, as I can't upgrade with out making this work

    when CLIENT_ACCEPTED {
      set retries 0
   }

when HTTP_REQUEST {

    if {[POLICY::rules] eq "hqdesktop-securera-8000_class-policy-rule"}{

  set backup_pool PHX-hqdesktop-8000.edwardjones.com_pool
             }

 if {[POLICY::rules] eq "desktop-securera-8000_class-policy-rule"}{

  set backup_pool PHX-desktop-8000.edwardjones.com_pool 

       } 

 }

   when LB_FAILED {
      if { $retries < [active_members $backup_pool] } {
         LB::reselect pool $backup_pool
         incr retries
      }
   }

6 Replies

    • Mike_Maher's avatar
      Mike_Maher
      Icon for Nimbostratus rankNimbostratus
      Yes, I already tried adding that example below. I also tried multiple other ways of adding matched and changing the syntax but nothing seems to work. The other thing I find odd is that if I just try and put a simple iRule in to log what rule is being used I always get a blank log line. when CLIENT_ACCEPTED { set retries 0 } when HTTP_REQUEST { if {[POLICY::rules matched] eq "hqdesktop-securera-8000_class-policy-rule"}{ set backup_pool PHX-hqdesktop-8000.edwardjones.com_pool } if {[POLICY::rules matched] eq "desktop-securera-8000_class-policy-rule"} { set backup_pool PHX-desktop-8000.edwardjones.com_pool } } when LB_FAILED { if { $retries < [active_members $backup_pool] } { LB::reselect pool $backup_pool incr retries } }
    • Mike_Maher's avatar
      Mike_Maher
      Icon for Nimbostratus rankNimbostratus
      Ok I think I have worked out. This will load as an iRule and I am pretty sure it work fine based upon preliminary testing I have done. I just did not fully get the wiki on the first pass. To pull what rule is being matched you have to tell the POLICY::rules statement what the name of the policy is that it is looking at. when CLIENT_ACCEPTED { set retries 0 } when HTTP_REQUEST { set policy [POLICY::names matched] if {[POLICY::rules matched $policy] eq "hqdesktop-securera-8000_class-policy-rule"}{ set backup_pool PHX-hqdesktop-8000.edwardjones.com_pool } if {[POLICY::rules matched $policy] eq "desktop-securera-8000_class-policy-rule"} { set backup_pool PHX-desktop-8000.edwardjones.com_pool } } when LB_FAILED { if { $retries < [active_members $backup_pool] } { LB::reselect pool $backup_pool incr retries } }
    • Mike_Maher's avatar
      Mike_Maher
      Icon for Nimbostratus rankNimbostratus
      Yes, I already tried adding that example below. I also tried multiple other ways of adding matched and changing the syntax but nothing seems to work. The other thing I find odd is that if I just try and put a simple iRule in to log what rule is being used I always get a blank log line. when CLIENT_ACCEPTED { set retries 0 } when HTTP_REQUEST { if {[POLICY::rules matched] eq "hqdesktop-securera-8000_class-policy-rule"}{ set backup_pool PHX-hqdesktop-8000.edwardjones.com_pool } if {[POLICY::rules matched] eq "desktop-securera-8000_class-policy-rule"} { set backup_pool PHX-desktop-8000.edwardjones.com_pool } } when LB_FAILED { if { $retries < [active_members $backup_pool] } { LB::reselect pool $backup_pool incr retries } }
    • Mike_Maher's avatar
      Mike_Maher
      Icon for Nimbostratus rankNimbostratus
      Ok I think I have worked out. This will load as an iRule and I am pretty sure it work fine based upon preliminary testing I have done. I just did not fully get the wiki on the first pass. To pull what rule is being matched you have to tell the POLICY::rules statement what the name of the policy is that it is looking at. when CLIENT_ACCEPTED { set retries 0 } when HTTP_REQUEST { set policy [POLICY::names matched] if {[POLICY::rules matched $policy] eq "hqdesktop-securera-8000_class-policy-rule"}{ set backup_pool PHX-hqdesktop-8000.edwardjones.com_pool } if {[POLICY::rules matched $policy] eq "desktop-securera-8000_class-policy-rule"} { set backup_pool PHX-desktop-8000.edwardjones.com_pool } } when LB_FAILED { if { $retries < [active_members $backup_pool] } { LB::reselect pool $backup_pool incr retries } }