DataScript Precedence
Many DataScript capabilities can be performed via policies and potentially standard features. It is important to understand the order of precedence, as this will dictate the order that various functions will occur. For instance, if a network security policy is set to discard a connection, a DataScript set to redirect certain HTTP requests may never see the client.
Responses generated by Avi DataScripts or Avi policies are not evaluated by DataScripts. For instance, an HTTP response generated by the HTTP request policy cannot be inspected or modified by a DataScript.
More than one DataScript may be applied to a single virtual service. The order of the DataScripts is important, as DataScripts with the same event will be run in the order set. When adding DataScripts via the UI, use the up and down arrows next to the DataScript to reorder. The DataScript at the top of the list will run first. Avi Vantage processes traffic in the following order of precedence:
Client Request:
- TCP Setup
- Network Security Policy
- SSL Handshake
- HTTP Security Policy
- DataScript Authentication Event
- Client Authentication
- DataScript Post Authentication Event
- DataScript Request Policy
- HTTP Request Event
- Normal VS/Pool/Profile Processing
Server Response:
- DataScript Response Event
- HTTP Response Policy
- Content Rewrite Profile
In the order of precedence, individual features may be inserted at different points based on the functionality of the feature. For instance, connection throttling will occur during step 1 of the client request, not step 7.
Document Revision History
Date | Change Summary |
---|---|
December 07, 2020 | Updated the Order of precendence under Client Request(Version 20.1.3) |