NimbostratusTimeouts with iRule
We recently updated our software from 11.4.0 to 11.5.3 HF2. Once we got the software up and on line, we noticed that one of our vendors were having timeout issues sending in data. We had not seen this prior to updating the software. Below are the 3 iRules that I have one the vs, when I removed iRule number 2 the timeouts stopped happening all together, but I can't determine why. Any help on this would be great!
Cookie iRule: when HTTP_REQUEST {
switch -glob [HTTP::uri] { "/manager" { drop } }
if { [HTTP::uri] equals "/pool_status.html" } { if { [active_members ABC-TOMCAT-8080_pl] < 1 } { HTTP::respond 200 content {DOWN} } else { HTTP::respond 200 content {UP} } }
Check for the presence of the Datacenter cookie. If the cookie is not present, this is a new connection which should be routed to the local app pool If the cookie is present and the value matches this datacenter, use the local app pool Else if the cookie is present and the value matches the other datacenter, check whether the other datacenter VIP is available, and if so, send the traffic to it If the other datacenter VIP is not available, set the invalidate_cookie variable to 1 and send traffic to the local app pool
if { ! [HTTP::cookie exists "Datacenter"] } { SSL::disable serverside pool ABC-TOMCAT-8080_pl } else { switch -glob [HTTP::cookie value Datacenter] { "ABC" { SSL::disable serverside pool ABC-TOMCAT-8080_pl } "DEF" { if { [active_members DEF_VIP_Pool] < 1 } { SSL::disable serverside pool ABC-TOMCAT-8080_pl } else { pool DEF_VIP_Pool} } } } }
when HTTP_RESPONSE {
If the Datacenter cookie does not exist, the connection is new, and should remain at this datacenter thus the cookie is created.
if { ! [HTTP::cookie exists "Datacenter"] } { HTTP::cookie insert name "Datacenter" value "ABC" path "/" }
}
- JSON iRule: when HTTP_REQUEST { if { [HTTP::uri] contains "rest" } { set rest_content 1 log local0. "HTTP REQUEST REST DETECTED" } else { set rest_content 0 } } when ASM_REQUEST_BLOCKING { log local0. "ASM REQUEST BLOCK: REST DETECTED= $rest_content" if { $rest_content } { set response "REST Page blocked" ASM::payload replace 0 [ASM::payload length] "" ASM::payload replace 0 0 $response HTTP::header replace Content-Length [ASM::payload length] } } when ASM_RESPONSE_VIOLATION { set x [ASM::violation_data] log local0. "ASM-SUPPORT-ID: [lindex $x 1 ]" set error "[lindex $x 1 ]" if {([lindex $x 0] contains "VIOLATION_HTTP_STATUS_IN_RESPONSE")} { set response "{\"returnStatus\":false,\"returnCodedMessage\":[{\"code\":\"WebService.SystemError\",\"message\":\"The requested operation was rejected. Please consult with your administrator. Your support ID is: $error \"}],\"returnMessage\": []}" ASM::payload replace 0 [ASM::payload length] "" ASM::payload replace 0 0 $response HTTP::header replace Content-Length [ASM::payload length]
} }
- Redirect iRule: when HTTP_REQUEST { switch -glob [HTTP::uri] { "/Website/deleteAccount*" { drop } }
if {([HTTP::uri] == "/") } { log local0. "PATH MATCH / URI: [HTTP::uri] HOST: [HTTP::host]" HTTP::redirect https://www.abc.def.com/Website } elseif { ! ([HTTP::host] contains "lmfs") } { log local0. "PATH MATCH / URI: [HTTP::uri] HOST: [HTTP::host]"
HTTP::redirect https://www.abc.def.com/Website} }
