NimbostratusLB irule and where to place in whith in an exisitng rule
Good morning all. I need help with an irule that might be better as an addition to an existing rather than a new one.
We currently have an external F5 forwarding mail requests to an internal F5. This then has 2 irules associated with it for appending, persistence and LB. The only pools configured including default pool are set within the irules.
What I need to do is add an additional pool OWA_webconsole_pool and forward any traffic with /webconsole in the HTTP Request to that pool. My issue is that I don't want to interfere with the exisiting rules and the basic rule id use has a default pool as its fall back. If I put this as a new rule last won't it negate any previous rules.
Heres what I want to do:
when HTTP_REQUEST {
if { [HTTP::uri] contains "/webconsole" } {
pool OWA_webconsole_pool
} else {
pool $def_pool
}
}but here are the 2 rules in order that already exist.
when HTTP_REQUEST {
if { ([HTTP::uri] == "/") } {
HTTP::uri /owa
}
}This seems to add /owa to all HTTP requests. will this overwrite any command coming in with /webconsole on the end?
when HTTP_REQUEST {
CHANGE ALL POOL NAMES TO MATCH THOSE IN YOUR ENVIRONMENT.
YOU MIGHT CHOOSE TO USE THE SAME POOL FOR OWA, ECP and EWS.
OAB and Autodiscover do not require persistence.
switch -glob -- [string tolower [HTTP::path]] {
"/microsoft-server-activesync" {
Direct all ActiveSync clients to a common pool; use Auth
header value if it exists (Basic auth only, which is the
default); otherwise we fall back to client IP
if { [HTTP::header exists "APM_session"] } {
persist uie [HTTP::header "APM_session"] 7200
}
elseif { [HTTP::header exists "Authorization"] } {
persist uie [HTTP::header "Authorization"] 7200
}
else {
persist source_addr
}
pool OwaMail_combined_vs_owa_pool
return
}
"/ews*" {
if { [HTTP::header exists "APM_session"] } {
persist uie [HTTP::header "APM_session"] 7200
}
else {
persist cookie
}
pool OwaMail_combined_vs_owa_pool
return
}
"/ecp*" {
if { [HTTP::header exists "APM_session"] } {
persist uie [HTTP::header "APM_session"] 7200
}
else {
persist cookie
}
pool OwaMail_combined_vs_owa_pool
return
}
"/oab*" {
pool OwaMail_combined_vs_owa_pool
return
}
"/rpc/rpcproxy.dll" {
if { [HTTP::header exists "APM_session"] } {
persist uie [HTTP::header "APM_session"] 7200
}
else {
switch -glob [string tolower [HTTP::header "User-Agent"]] {
"msrpc" {
if { [HTTP::cookie exists "OutlookSession"] } {
persist uie [HTTP::cookie "OutlookSession"] 7200
}
else {
persist uie [HTTP::header "Authorization"] 7200
}
}
"*microsoft office*" {
This section matches some versions of Outlook 2007 on Windows XP
persist uie [HTTP::header "Authorization"] 7200
}
default {
This section catches all other requests for Outlook
Anywhere, and sets a persistence method that does
not require the client to support HTTP cookies
persist source_addr
}
}
}
Finally, this assigns the Outlook Anywhere pool. If the preceding clients
should be sent to separate pools, the pool statement should be removed
here, and a separate pool statement placed in each of the preceding
logic branches.
pool OwaMail_combined_vs_owa_pool
return
}
"/autodiscover*" {
Requests for Autodiscovery information. No Persistence.
pool OwaMail_combined_vs_ad_pool
return
}
default {
This final section takes all traffic that has not otherwise
been accounted for and sends it to the pool for Outlook Web App
if { [HTTP::header exists "APM_session"] } {
persist uie [HTTP::header "APM_session"] 7200
} else {
persist cookie
}
pool OwaMail_combined_vs_ad_pool
}
}
}
when HTTP_RESPONSE {
if { [HTTP::header values WWW-Authenticate] contains "Negotiate" } {
ONECONNECT::detach disable
log local0. "OC disabled for Negotiate my_ex_single_persist"
}
}This makes all the major LB and persistence decisions but I'm not sure where I would insert my new code to ensure that it only applied to /webconsole traffic and left everything else alone. I assume I would need to remove the pool $def_pool line.
Any advices would be hugely appreciated.
