Persistance in a I-rule

Question

So I have this I-rule &nbsp;
&nbsp;when HTTP_REQUEST {
&nbsp;set uri [HTTP::uri]
&nbsp;switch $uri {
&nbsp;"/" { HTTP::redirect "https://[HTTP::host]/tf/WalletShare" }
&nbsp;"/tf/WalletShareREIT" { pool wdc-wshwstst-5002 }
&nbsp;"/tf/WalletShare" { pool wdc-wshwstst-5001 }
&nbsp;}
&nbsp;}&nbsp;&nbsp;&nbsp;&nbsp;
&nbsp; Once a connection comes in and hits the pool based off its uri , I want that connection to stick with that same pool no matter what is in the uri after the initial connection.  I think my problem is as it builds the page different  uri are created and its not being sent to the same pool

hooleylist · Answer

Hi Matt, 
&nbsp;  
&nbsp; You could check for a cookie in HTTP_REQUEST indicating a pool selection had already been made.  If no cookie was found in the request, you could set a cookie using HTTP::cookie insert with the name of the pool to use in HTTP_RESPONSE.  You'd want to validate that the cookie name was either 5001 or 5002 to prevent someone from accessing an arbitrary pool. 
&nbsp;  
&nbsp; I can whip up an example in a bit. 
&nbsp;  
&nbsp; Aaron

hooleylist · Answer

Here's an example of what I was thinking.  It uses a session cookie to track whether an initial pool selection has been made.  Once a pool has been selected, a separate session cookie is used for persistence within the pool. 
  
 Make sure to test with a OneConnect profile enabled on the virtual server.  If you're using serverside source address translation, you can use the default OneConnect profile with a /0 source mask.  Else, use a custom OneConnect profile with a /32 source mask.

when HTTP_REQUEST {

Track whether to insert the pool selector cookie
set insert_cookie 0

Check if there is a pool selector cookie
switch [HTTP::cookie value pool_selector] {
1 {
 client already made a request so select the first pool
pool wdc-wshwstst-5001

Use cookie insert persistence to ensure client is persisted to same member within this pool
persist cookie insert pool5001 0
}
2 {
 client already made a request so select the second pool
pool wdc-wshwstst-5002

Use cookie insert persistence to ensure client is persisted to same member within this pool
persist cookie insert pool5002 0
}
default {

No cookie, so check the URI
switch [HTTP::uri] {
"/" { HTTP::redirect "https://[HTTP::host]/tf/WalletShare" }
"/tf/WalletShareREIT" {
pool wdc-wshwstst-5002
set insert_cookie 2
persist cookie insert pool5002 0
}
"/tf/WalletShare" {
pool wdc-wshwstst-5001
set insert_cookie 1
persist cookie insert pool5002 0
}
}
}
}
}
when HTTP_RESPONSE {

Check if we've made an initial pool selection for this request
switch $insert_cookie {
1 -
2 {
 Insert the cookie in the response
HTTP::cookie insert name pool_selector value $insert_cookie path /
}
}
}

Aaron

nitass · Answer

just curious whether it works if we do HTTP::disable after selecting a pool in HTTP_REQUEST.

hooleylist · Answer

I think calling HTTP::disable would only affect the current connection.   So it wouldn't handle clients who make subsequent requests over a new TCP connection.  And it would probably prevent a session cookie from being inserted into the response once a pool was selected for inter-pool persistence.  Though I'm not sure Matt requires persistence within the pool. 
&nbsp;  
&nbsp; Aaron

nitass · Answer

thanks Aaron! i forgot about subsequential connections.

Forum Discussion

Persistance in a I-rule

6 Replies

Recent Discussions

Pricing when used with aws waf

F5 Rseries R2600 Tenant sizing

iRule help masking IBM host URL/URI

Need advise to setup a policy on F5

Advise on setting up IRULE

Related Content

i-rule header insert - APM

I-rule for adapt request "response page"

CLI syntax to change i-rule order

Decoding the IPv4 address from the persistence cookie

Setting up persistence in F5 XC