Forum Discussion

karlg_49229's avatar
Icon for Nimbostratus rankNimbostratus
Jan 21, 2012

UDP DST Port Range Load Balancing Rule

There is no TCP connection associated with these packets - it is raw UDP only, between port ranges 9000 to 9100 on the DST side, and targeted to a particular IP address.



Can I humbly ask the advice of an iRule expert for the rule syntax? We tried a few and so far no luck.





Karl G.


3 Replies

  • Hi Karl,

    Do you want to allow UDP packets destined for ports 9000 - 9100 and block all others? If so, you can create a virtual server with either a UDP profile or a Performance L4 virtual and use an iRule like this:

    if {[UDP::local_port] >= 9000 and [UDP::local_port] <= 9100}{
    } else {
     Send the client a reset

  • Great. For performance, it would be a lot more efficient to use a PerfL4 VS.



  • Hi Aaron,


    I work with Karl and I am trying to figure out if something I am seeing is because of this rule or something else. Along with this rule, we have a pool on the Virtual Server. The issue I am seeing is that even if I remove the first server in the pool and hope to see traffic only going to the second and third, traffic still makes it to the first server. I also disable the node and still see traffic to this first server. What do you think can be going on?



    Best Regards,