Home

iRules

iRules is a scripting language used with F5 Networks' BIG-IP application delivery controllers to customize traffic handling. The language is built on Tcl and adds F5-specific commands and event-driven constructs that run in the device’s data plane, enabling fine-grained control over TCP/IP and application-layer behavior. iRules provide a programmable interface for implementing complex traffic management policies without external components.

iRules execute in response to events such as CLIENT_ACCEPTED, CLIENT_CLOSED, SERVER_CONNECTED, HTTP_REQUEST, and HTTP_RESPONSE. Within an

Typical use cases include URL-based routing, content switching, A/B testing, cookie-based persistence, security controls, and other

While powerful, iRules add maintenance considerations and can impact performance if overly complex. They require Tcl-like

iRule,
administrators
write
handlers
that
inspect
and
modify
traffic
using
commands
in
the
HTTP::,
TCP::,
and
UDP::
namespaces,
along
with
general
LTM
commands
like
pool,
server,
and
log.
For
example,
an
iRule
can
inspect
an
HTTP
request
and
rewrite
headers,
redirect
clients,
select
a
backend
pool,
or
enforce
rate
limits.
customized
load-balancing
decisions
that
go
beyond
standard
virtual
server
settings.
iRules
are
attached
to
a
virtual
server,
and
traffic
matching
the
virtual
server
triggers
the
relevant
iRule
events,
allowing
tailored
behavior
for
both
inbound
requests
and
outbound
responses.
familiarity
and
careful
testing;
configurations
are
often
version-controlled.
iRules
can
be
complemented
by
newer
options
such
as
iRules
LX
(JavaScript-based)
and
iApps,
but
core
iRules
remain
the
primary
mechanism
for
on-device
traffic
control
on
BIG-IP
devices.