Forum Discussion

Tyler_Brown_949's avatar
Tyler_Brown_949
Icon for Nimbostratus rankNimbostratus
Jun 26, 2014

Source IP to Node with backup

All,

 I've got the following iRule I use when I want to drive traffic from a source ip to a specific node.

when CLIENT_ACCEPTED { if {[class match [IP::client_addr] equals ipsec_bypass_backup] and [LB::status node 192.168.155.5 up]} { node 192.168.155.5 }

I'd like to add an option to direct traffic to a secondary node is the first is down, and am having problems. Blow is the iRule I'm testing with. It works, but only if I clear the clients connection after the first node fails. If I don't manually clear it, the session will stay on the dead node until it times out.

when CLIENT_ACCEPTED { if {[class match [IP::client_addr] equals ipsec_bypass_backup] and [LB::status node 192.168.155.5 ] eq "up" } { node 192.168.155.5 } elseif {[class match [IP::client_addr] equals ipsec_bypass_backup] and [LB::status node 192.168.157.5 ] eq "up" } { node 192.168.157.5 } }

application delivery
devops
iRules

4 Replies

Sort By
  • Patrik_Jonsson's avatar
    Patrik_Jonsson
    Icon for MVP rankMVP
    Jun 26, 2014

    Hi!

     

    Try changing the LB Method to Reject. Using the defalt, "None" would keep the active connection alive.

     

    /Patrik

     

  • Patrik_Jonsson's avatar
    Patrik_Jonsson
    Icon for MVP rankMVP
    Jun 26, 2014

    Or you can move the rule to the HTTP_REQUEST event instead of CLIENT_ACCEPTED. That should also do it.

     

    /Patrik

     

  • Stewart's avatar
    Stewart
    Icon for Altostratus rankAltostratus
    Jun 28, 2014

    Hi Tyler,

     

    Another way would be to send your traffic to a pool and set the pool up so that it will only dispatch traffic to your favoured node unless it's down, in which case it'll go to the second one. You can do this using different priority groups for the pool members and setting the min active members to 1. That would cut down on the size of your iRule.

     

    Stewart.