Networking

F5’s iRules — My first look

Tony Mattke · 2011.08.29 · 2 min read

I’ve never had the opportunity to really do much with F5 load balancers in the past, but recently one our system engineers needed some load balancing setup, and wanted to know if we could assign some static MAC addresses for his NLB. This obviously make us sick to our stomach, so my co-worker decided to dedicate a chuck of time to bringing some F5 BigIP boxes that we had laying around back from the grave. Once they were up and running and had VIPs setup for a couple sites for testing, I spent a few minutes looking at the configuration. Everything seemed rather simple, which explains how he was able to do all of it in just a couple hours. I had him go over the config with me since he has had several years of experience with F5 LTMs and I was rather impressed in their simplicity and flexibility.

Later that day the application owner for one of the test systems we setup asked if there was a decent way for him to troubleshoot with an end user which server they were having an issue with (as this has been a problem in the past when certain servers freak out). My coworker, who doesn’t enjoy any sort of programming or scripting, asked me to look into writing an iRule.

To make a long story short, I quickly found my way to the F5 Dev Central site and started digging in to their documentation. They have a great resource there, lots of examples, and tons of reference information. Within the hour I had a tested and working solution.

The following iRule briefly interrupts the streaming of the page from the server to client, and rewrites the HTML header adding the last octet of the server’s IP address with a bit of formatting to the title section. ie Home (s22)

tcl
when HTTP_RESPONSE {
  STREAM::disable
  if {[HTTP::header "Content-Type"] starts_with "text/"} {
    STREAM::expression "@<\/title>@ (s[getfield [LB::server addr] "." 4])<\/title>@"
    STREAM::enable
  }
}

I really hope to have an opportunity to work with some F5 appliances again soon. I would definitely enjoy writing another iRule to add some custom functionality, but just learning a bit more about some of their advanced features would also be great.

More in Networking

Related Posts

2026.07.07 Networking 13 min read

What NFD40 Taught Me About AI Networking

I went into NFD40 thinking the AI networking pitches were going to be the marketing layer dressed up in new vocabulary, and I came out convinced it’s a different design problem.

2026.06.30 Automation & Tools 24 min read

Git for Network Engineers, Part 2: The Oh-Shit Toolkit

You’ve had git in your daily workflow for a few weeks. You’ve got the basics down, until you do one of these… You committed vault_password.txt and pushed it before your second coffee.