Manual Chapter : iRule Commands

Applies To:

Show Versions Show Versions

BIG-IP AAM

  • 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.5, 12.1.3, 12.1.2, 12.1.1, 12.1.0, 11.6.3, 11.6.2, 11.6.1

BIG-IP APM

  • 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.3, 12.1.2, 12.1.1, 12.1.0, 11.6.3, 11.6.2, 11.6.1

BIG-IP GTM

  • 11.6.3, 11.6.2, 11.6.1

BIG-IP Link Controller

  • 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.3, 12.1.2, 12.1.1, 12.1.0, 11.6.3, 11.6.2, 11.6.1

BIG-IP Analytics

  • 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.3, 12.1.2, 12.1.1, 12.1.0, 11.6.3, 11.6.2, 11.6.1

BIG-IP LTM

  • 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.3, 12.1.2, 12.1.1, 12.1.0, 11.6.3, 11.6.2, 11.6.1

BIG-IP PEM

  • 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.3, 12.1.2, 12.1.1, 12.1.0, 11.6.3, 11.6.2, 11.6.1

BIG-IP AFM

  • 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.3, 12.1.2, 12.1.1, 12.1.0, 11.6.3, 11.6.2, 11.6.1

BIG-IP DNS

  • 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.3, 12.1.2, 12.1.1, 12.1.0

BIG-IP ASM

  • 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.3, 12.1.2, 12.1.1, 12.1.0, 11.6.3, 11.6.2, 11.6.1
Manual Chapter

iRule command types

There are three types of iRule commands:

  • Statement commands
  • Query and manipulation commands
  • Utility commands (also known as functions)

Statement commands

Some of the commands available for use within iRules are known as statement commands. Statement commands enable Local Traffic Manager to perform a variety of different actions. For example, some of these commands specify the pools or servers to which you want Local Traffic Manager to direct traffic. Other commands specify translation addresses for implementing SNAT connections. Still others specify objects such as data groups or a persistence profiles.

For a complete list of statement commands, see the F5 Networks DevCentral web site, http://devcentral.f5.com.

Query and manipulation commands

Using iRules commands, you can query for specific data contained in the header or content of a request or response, or you can manipulate that data. Data manipulation refers to inserting, replacing, and removing data, as well as setting certain values found in headers and cookies.

For example, using the IP::idle_timeout command within in iRule, you can query for the current idle timeout value that is set in a packet header and then load balance the packet accordingly. You can also use the IP::idle_timeout command to set the idle timeout to a specific value of your choice.

iRule query and manipulation commands are grouped into categories called namespaces. Except for commands in the global namespace, each iRule query or manipulation command includes the namespace in its command name. For example, one of the commands in the IP namespace is IP::idle_timeout. One of the commands in the HTTP namespace is HTTP::header.

For a complete list of namespaces for iRules commands, see the F5 Networks DevCentral web site, http://devcentral.f5.com.

Utility commands

Local Traffic Manager includes a number of utility commands that you can use within iRules. You can use these commands to parse and retrieve content, encode data into ASCII format, verify data integrity, and retrieve information about active pools and pool members.

The pool command

Once you have specified a query within your iRule, you can use the pool command to select a load balancing pool to which you want Local Traffic Manager to send a request. Here is an example of this command.

when HTTP_REQUEST { set uri [HTTP::uri] if { $uri ends_with ".gif" } { pool my_pool } elseif { $uri ends_with ".jpg" } { pool your_pool } }

The node command

As an alternative to the pool command, you can also write an iRule that directs traffic to a specific server. To do this, you use the node command.

when HTTP_REQUEST { if { [HTTP::uri] ends_with ".gif" } { node 10.1.2.200 80 } }

Commands that select a pool of cache servers

You can create an iRule that selects a server from a pool of cache servers. Here is an example of an iRule that selects a server from a pool of cache servers.

when HTTP_REQUEST # This line specifies the expressions that determine whether the BIG-IP system sends requests to the cache pool: if { [HTTP::uri] ends_with "html" or [HTTP::uri] ends_with "gif" } { pool cache_pool set key [crc32 [concat [domain [HTTP::host] 2] [HTTP::uri]]] set cache_mbr [persist lookup hash $key node] if { $cache_mbr ne "" } { # This line verifies that the request is not coming from the cache: if { [IP::addr [IP::remote_addr] equals $cache_mbr] } # This line sends the request from the cache to the origin pool: pool origin_pool return } } # These lines ensure that the persistence record is added for this host/URI: persist hash $key } else { pool origin_pool } }
Note: Local Traffic Manager redirects URIs to a new cache member at the time that the BIG-IP system receives a request for the URI, rather than when the pool member becomes unavailable.

The HTTP::redirect command

In addition to configuring an iRule to select a specific pool, you can also configure an iRule to redirect an HTTP request to a specific location, using the HTTP::redirect iRule command. The location can be either a host name or a URI.

This is an iRule that is configured to redirect an HTTP response.

when HTTP_RESPONSE { if { [HTTP::status] contains "404"} { HTTP::redirect "http://www.siterequest.com/" } }

Here is an example of an iRule that redirects an HTTP request.

when HTTP_REQUEST { if { [HTTP::uri] contains "secure"} { HTTP::redirect "https://[HTTP::host][HTTP::uri]" } }

The snat and snatpool commands

The iRules feature includes the two statement commands snat and snatpool. Using the snat command, you can assign a specified translation address to an original IP address from within the iRule, instead of using the SNAT screens within the BIG-IP Configuration utility.

Using the snatpool command also assigns a translation address to an original IP address, although unlike the snat command, the snatpool command causes Local Traffic Manager to select the translation address from a specified SNAT pool that you previously created.