cort_17498
Jan 20, 2009

Redirect based on Port

I'm pretty new to the F5 world... be gentle.

For the life of me I cannot get this rule to work:

    when CLIENT_ACCEPTED {
        set port [TCP::local_port]
        if { $port equals "23" } {
            pool "PORT-23"
            if { $port equals "22" } {
                pool "PORT-22"
            }
        }
    }

It will only go to the first port defined in the rule. Any help is appreciated.

2 Replies

  • Are you testing this iRule on a port 0 (any) VIP? Do you have port translation enabled on the VIP? If you remove the iRule and add the PORT-22 pool to the VIP, can you make a request on port 22 to the VIP? If not, check the routing between LTM and the pool members. If the default gateway of the servers isn't the LTM, you'll need to enable SNAT.

    Once you have the port 22 pool working on the VIP, you can retest the iRule with a minor change and some debug logging:

     
     when CLIENT_ACCEPTED {

        log local0. "[IP::client_addr]:[TCP::client_port]: New connection to [IP::local_addr]:[TCP::local_port]"

        # Check the destination port
        switch [TCP::local_port] {
           "22" {
              # Request was to port 22
              pool "PORT-22"
              log local0. "[IP::client_addr]:[TCP::client_port]: Using PORT-22 pool"
           }
           "23" {
              # Request was to port 23
              pool "PORT-23"
              log local0. "[IP::client_addr]:[TCP::client_port]: Using PORT-23 pool"
           }
           default {
              reject
              log local0. "[IP::client_addr]:[TCP::client_port]: Request to undefined port.  Resetting connection."
           }
        }
     }
     

    Aaron