Forum Discussion

Ned_66277's avatar
Ned_66277
Icon for Nimbostratus rankNimbostratus
Aug 04, 2011

IPv6 GTM iRules

We use GTMs to route traffic between our datacenters and we have a number of iRules that route based on source IP or network. We currently are not using IPv6 (with a few minor exceptions including our BigIPs), but for a time I thought we had an issue with a server that had IPv6 enabled on it (which turned out to be something else). I tried a few different ways to format an iRule to recognize an IPv6 source, but I couldn't get it quite right. I haven't done much in the IPv6 world so I was hoping someone can assist.

 

 

Sample IPv4

 

when DNS_REQUEST {

 

if {[IP::addr [IP::client_addr]/32 equals 10.1.1.1]}{

 

pool A member 10.2.2.2

 

}

 

}

 

 

 

Was hoping to translate it to something similar for IPv6:

 

[IP::addr [IP::client_addr]/128 equals feff::1234]

 

[IP::addr [IP::client_addr] mask ::ffff:ffff equals feff::1234]

 

 

 

 

  • To do a host check, you shouldn't need to specify a subnet mask (whether it's v6 or v4):

     

     

    if {[IP::addr [IP::client_addr] equals 10.1.1.1]}

     

     

    if {[IP::addr [IP::client_addr] equals feff::1234]}

     

     

    For reference, you can use this example to detect an IPv6 address:

     

     

    if { [IP::addr [IP::client_addr] equals ::ffff:0000:0000/96] } { log local0. "Yep, that's an IPv4 address" }

     

     

    Aaron
  • Interesting, I havent tried any IPv6 either but its nice to see that you dont need to use a different object to detect it.
  • Hmm, I initially tried it without subnet mask but it kept giving me "invalid mask" errors which started me down the road of forcing a mask on it. I must have had something else wrong, but this seems to work. Appreciate the response, thanks!