Forum Discussion

Srijana_137175's avatar
Srijana_137175
Icon for Nimbostratus rankNimbostratus
Nov 15, 2013

Please help creating this iRule to direct subnets to different paths.

Please help creating this iRule to direct subnets to different paths.I would need something like below 2 samples. Please let me know if you need any other details.

 

when HTTP_REQUEST { if {Subnet 10.9.254.0/24 , 164.38.32.0/24, 10.10.10.0/24 etc.} forward to path XYZ } else {Subnet NOT above subnets } forward to path ABC }

 

when HTTP_REQUEST { if {Subnet 10.9.254.0/24 , 164.38.32.0/24, 10.10.10.0/24 etc.} forward to path XYZ } else {Anything other subnet other than above subnets} forward to path ABC }

 

===================== Sys::Version Main Package Product BIG-IP Version 10.2.4

 

application delivery
availability
deployment
devops
iRules

8 Replies

Sort By
  • nathe's avatar
    nathe
    Icon for Cirrocumulus rankCirrocumulus
    Nov 15, 2013

    How about something like this?

    Create a datagroup with the subnets above and call it, say "xyz_subnet" and this iRule should do it

    when HTTP_REQUEST {
if {([class match [IP::remote_addr] equals xyz_subnet]) } {
    HTTP::uri "/XYZ"
} else {
    HTTP::uri "/ABC"
}
}

    Hope this helps, N

  • nathe's avatar
    nathe
    Icon for Cirrocumulus rankCirrocumulus
    Nov 19, 2013

    You can list the subnets, as many as you want, in the datagroup itself in a list format. Is that what you mean?

     

  • nathe's avatar
    nathe
    Icon for Cirrocumulus rankCirrocumulus
    Nov 19, 2013

    See Jason's article here. You'd want an Internal class:

     

    https://devcentral.f5.com/articles/irules-data-group-formatting-rules.UotsncQRBfg

     

  • Thomas_Gobet_91's avatar
    Thomas_Gobet_91
    Icon for Cirrostratus rankCirrostratus
    Nov 19, 2013

    There's no specific syntax, you just have to define a datagroup with all your subnets in it. You can create it through the Web interface or via tmsh.

    Here is an example of what you have to define : 

    ltm data-group internal /Common/Network {
records {
    DMZ {
        data 192.168.10.0/24
    }
    LAN {
        data 192.168.0.0/24
    }
}
type string
}
    • Srijana_137175's avatar
      Srijana_137175
      Icon for Nimbostratus rankNimbostratus
      Nov 19, 2013
      Ok, I will create a Data Group for bunch of subnets but how do i CALL that data group( lets say Testdata_gp) in below iRule script ?? when HTTP_REQUEST { if {([class match [IP::remote_addr] equals xyz_subnet]) } { HTTP::uri "/XYZ" } else { HTTP::uri "/ABC" } }
  • Thomas_Gobet's avatar
    Thomas_Gobet
    Icon for Nimbostratus rankNimbostratus
    Nov 19, 2013

    There's no specific syntax, you just have to define a datagroup with all your subnets in it. You can create it through the Web interface or via tmsh.

    Here is an example of what you have to define : 

    ltm data-group internal /Common/Network {
records {
    DMZ {
        data 192.168.10.0/24
    }
    LAN {
        data 192.168.0.0/24
    }
}
type string
}
    • Srijana_137175's avatar
      Srijana_137175
      Icon for Nimbostratus rankNimbostratus
      Nov 19, 2013
      Ok, I will create a Data Group for bunch of subnets but how do i CALL that data group( lets say Testdata_gp) in below iRule script ?? when HTTP_REQUEST { if {([class match [IP::remote_addr] equals xyz_subnet]) } { HTTP::uri "/XYZ" } else { HTTP::uri "/ABC" } }
  • nathe's avatar
    nathe
    Icon for Cirrocumulus rankCirrocumulus
    Nov 19, 2013

    xyz_subnet was my example, replace this with Testdata_gp. This means it will look up this datagroup for the subnets you've entered and redirect accordingly.