Menu Title

iRule to use Data Group

You might have come across a situation where only limited set of IP address need to be granted access to a web page or web services. And these IP address need updates from time to time when ever you provision the web services to your new clients køb cialis. Obviously, such IP address list shouldn't be written inside an iRule expression, otherwise you end up editing the iRule every time.

That's where Data Group makes this an easy job for you!

Data Group is simply a store of group of related elements such as IP address (also strings or integer), so you write an iRule referring to a specific Data Group, keep adding/editing/deleting this Data Group without touching iRule at all.

Data Group is stored as part of configuration file, so in a high availability (cluster) environment, the Data Group changes are automatically mirrored to peers.

How to configure Data Group in iRule

1.Navigate to Local Traffic > iRules > Data Group List

2.Specify a unique name for Data Group List and add all the IP addresses.

For IP subnet, specify the IP address subnet along with Mask.
For single IP address, specify the IP address alone.

 

HostGator $2.75 per month
HostGator
24/7/365 Technical Support, Free Site Building Tools, 4500 Website Templates, Free Shopping Cart Software, Ideal for WordPress, 45 Day Money Back Guarantee

All in One WordPress Hosting Starts at 30$ per month
All in One WordPress Hosting
WordPress
High optimized WordPress hosting, secure firewall, HTTPS, Backup, hack-fix guarantee and many others at 30$ per month

3.Create an iRule and use class match command to match remote IP address (Source IP) with Data Group named IPs. If the IP address matches, go and direct the request to pool members, otherwise redirect to a page showing 'unauthorized access'.

when HTTP_REQUEST {
set myuri [string tolower [HTTP::uri]]
if {$myuri contains "jinwebservices"}
{
if {[class match [IP::remote_addr] equals IPs ]}
{pool iapp_uat_com_7003}
else
{HTTP::redirect "https://www.itadminguide.com/restricted"}
}
}

This answers my clients who asked me about the capacity of an individual Data Group.

Note - this is an extract from F5 Source

Whether you’re storing 100 or 100,000 entries, queries are roughly the same thanks to the indexed, hashed format of data groups. This makes them far and away the best option for storing large lists of data as well as frequently performed queries that can be represented in a read-only fashion. The bottom line is: If you’re not updating the data in the list, and you’re dealing with more than a handful of items, be it strings, IPs or otherwise, datagroups are likely your best bet.

Related Post