“BIG-IP F5” has ability to function as full proxy. Full Proxy design of BIG-IP F5 is a wonderful tool through which one can manipulate client-side connections and server-side connections all the way through the application layer. All this is possible because of F5’s powerful feature set of BIG-IP “iRule”.
iRule can perform buffet of functions like –
- making load balancing decisions
- modifying packet content
- directing traffic flow
- collecting statistics
and plethora of others things upto layer seven. iRule gives great deal of power and control over your network, Traffic, Routing and application flow programmable. iRules are available in LTM/GTM/ASM Modules. iRules are created with the help of Tool command language (TCL) programs or script (Also called as Event handler) that are assigned to Virtual server and run by one or more user specified Events related to the Virtual server, such as HTTP get request or new TCP connections.
Some of common scenarios where iRule plays a pivotal role are –
Case 1 –
User sends an insecure http request to website (let’s say in this case it is www.ipwithease.com) but actual page which is opening is https.
Case 2 –
The power of iRule makes both the above shared cases possible. As in case 1, the benefit is that we don’t need to broadcast every client that we have changed our security and have moved from insure (HTTP) to secure (HTTPS).
Lets further understand the iRule structure in more detail.
iRule Structures are composed of –
- Event Declarations and
- TCL Execution Code
When a certain event occurs, match the condition and then perform the action
Below is the format –
Let’s use CASE 1 example where where http to https redirection is required –
To summarize, we can confidently submit that iRules are pre-complied which provide us faster performance, it has a great influence on handling unique customer conditions and customizations, controlling and routing traffic contextually, implementing business policy and using client specific decision making .