Forum Discussion

bman_12685
Oct 10, 2012

GTM iRule to return different pool

I have a GTM pair on version 9.x and LTMs on version 11.2.0, and want to have the GTM return different pool members based on internal or external IP. For example, I have internal and external mail VIPs with different rules, and although using nPath on the LTMs, nodes in the DC in which the mail servers live cannot access them (they can access the remote DC) because of the routing through the firewall.

 

Is there a way to accomplish this via the gtm?

 

6 Replies

  • want to have the gtm return different pool members based on internal or external ip

    You should be able to use GTM's topology-based LB.

    I use GTM version 11.2 and found it simpler to use an iRule... but version 9.x does not have support for those.
  • Hello, thanks for the input, but I'm not sure if we are on the same page. Are you saying to add my internal DC pools to the pool in question as members, then to use topology for that? This actually might work; however, what I was thinking was more along the lines of the below.

    i.e.

    All IPs in the example below are bogus.

    wideip -> 4.4.4.4

    The default pool for the wideip is called mailpool.

    mailpool has 2 members:
      - DC1 - public IP 4.4.4.5
      - DC2 - public IP 4.5.4.6

    I would assume I would have an iRule that does something like: if from internal range, send to
      - DC1 - internal IP 10.10.220.5
      - DC2 - internal IP 10.20.220.5


  • I created a test pool wideip. I set both pools to use topology in the wideip and the pool.

    This doesn't work, perhaps because some hosts have static routes out but they come back as hitting the external IP, which can't reach the mail servers as the firewall won't route from the inside interface to the outside interface in the same DC. So I need an iRule to look at whether the traffic comes from a specific IP or net and then send it to the appropriate pool(s), which are routable everywhere.

    So my above example is still the best way to go atm, it seems.
  • I'm trying to trace out what is happening on the GTM atm, as I'm trying to write an iRule for the above-mentioned issue. Is there a way to catch, in general, any request in an iRule?

    I have tried "when DNS_REQUEST", which should catch what I want; however, log local0 does not appear to be catching the DNS request, i.e.

        log local0. "Connection from: [IP::remote_addr] ..."

    I've tried client_addr as well and nothing.
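  • OK, I wrote an iRule and tested it; it works. This is my solution.

    ---

    Substitute your values where needed.

    ----

        when RULE_INIT {
            set ::TRACE 1
            set DEBUG 1
        }

        # $dnsserver1_dc1 ... $dnsserver2_dc2 are placeholders: substitute the
        # addresses of the internal DNS servers in each DC.
        when DNS_REQUEST {
            # Queries arriving from DC1's internal DNS servers are answered
            # with the DC1 internal mail VIP name.
            if { [IP::addr [IP::client_addr] equals $dnsserver1_dc1 ] or [IP::addr [IP::client_addr] equals $dnsserver2_dc1 ] } {
                log local0. "Connection from: [IP::client_addr] from internal DNS - attempting to send to mail internal pool"
                cname mx-vip.domain.dc1.com
            }

            # Queries arriving from DC2's internal DNS servers are answered
            # with the DC2 internal mail VIP name.
            if { [IP::addr [IP::client_addr] equals $dnsserver1_dc2 ] or [IP::addr [IP::client_addr] equals $dnsserver2_dc2 ] } {
                cname mx-vip.domain.dc2.com
            }
        }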
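
The same split-horizon decision keyed on internal ranges instead of individual DNS server addresses, as the thread originally asked for. This is an added example, not the poster's code. The ranges 10.10.0.0/16 and 10.20.0.0/16 are constructed from the bogus addresses in the thread, and it assumes `IP::addr` accepts a CIDR mask on your GTM version.

```tcl
when DNS_REQUEST {
    # The GTM sees the address of the resolver (LDNS) that forwarded the
    # query, not the end host, so these ranges must cover the internal DNS
    # servers. Keep them as narrow as possible so that only internal
    # resolvers are ever handed the internal VIP names.
    set src [IP::client_addr]

    if { [IP::addr $src equals 10.10.0.0/16] } {
        # Constructed range standing in for DC1's internal network
        log local0. "DNS query from $src: DC1 internal, answering with internal mail VIP"
        cname mx-vip.domain.dc1.com
    } elseif { [IP::addr $src equals 10.20.0.0/16] } {
        # Constructed range standing in for DC2's internal network
        log local0. "DNS query from $src: DC2 internal, answering with internal mail VIP"
        cname mx-vip.domain.dc2.com
    } else {
        # No answer is set here, so the wide IP's default pool (mailpool,
        # with the public members) handles everything else.
        log local0. "DNS query from $src: not internal, using default pool"
    }
}
```

The log line in each branch lets you confirm which source address the GTM actually sees for a given client before relying on the match.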