irule to create a hash of source and destination IPs

Question

I have a firewall farm sandwiched between two LTM 4200s running V11.4. The FW VS is 0.0.0.0 all ports [all traffic is LB'd to a FW]. I would like to use persistence based on a single hash value of both the source and destination IP addresses so that each unique source/destination pair persists to a single FW. What would that irule look like?

niels_van_sluis · Answer

Maybe this will work.
when CLIENT_ACCEPTED {
    scan [IP::client_addr] "%u.%u.%u.%u" a b c d
    scan [IP::local_addr] "%u.%u.%u.%u" e f g h
    set src_dst_hash [ crc32 [ concat $a $b $c $d $e $f $g $h ] ]
    persist hash $src_dst_hash
}

Forum Discussion

irule to create a hash of source and destination IPs

1 Reply

Recent Discussions

Transaction looks successful but file not downloading

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Related Content

Block destination IP by source IP

Create a DevCentral account

F5 AFM Source / Destination NAT

How to ensure source address and source port are accepted and traversed properly via F5 SNAT automap

Different policies same destination and pool