Forum Discussion
Big-IP ASM and websockets
I'm trying to let websockets (ws://) connections run through ASM, the backend application is based on socket.io/nodejs.
It seems that connections are falling back to xhr-polling which means that websocket couldn't initialize a connection properly.
Does anybody have experience with websockets on ASM?
Regards,
Jo
- Jo_97199Nimbostratus
Hi Which version are you running. With 11.6 the workaround is obsolet as websockets are supported.
Regards, Joris
- Jorjjj_118094Nimbostratus
Hello,
I am using v11.6.0, VMware Virtual Edition
Is there any thing specific to configure to enable the WebSocket support over ASM?
Regards,
Georges
- Hannes_RappNimbostratusYou will still need to use the workaround. Websockets support only covers LTM. Depending on what other iRules you use, the HTTP::disable and HTTP::enable functions might be eligible for removal (you'll have to test it for yourself). The ASM::disable & ASM::enable MyPolicyName are still required, and so is the iRule workaround. You can also use an LTM Policy (Local Traffic > Policy) for the purpose.
- Jorjjj_118094NimbostratusHello It worked well with the iRule! What is the difference between using iRule & LTM Policies in my Use Case?
- Hannes_RappNimbostratusLTM Policy is visually appealing and easier to understand, typically preferred by "jack-of-all-trades" network admins. Deeply specialized F5 engineers prefer to use iRules because they can be used to solve problems where LTM Policy is lacking in functionality. You can also use a combination of both, no ultimate right or wrong here - do what makes the most sense to you.
- JorjjjNimbostratus
Hello,
I am using v11.6.0, VMware Virtual Edition
Is there any thing specific to configure to enable the WebSocket support over ASM?
Regards,
Georges
- Hannes_RappNimbostratusYou will still need to use the workaround. Websockets support only covers LTM. Depending on what other iRules you use, the HTTP::disable and HTTP::enable functions might be eligible for removal (you'll have to test it for yourself). The ASM::disable & ASM::enable MyPolicyName are still required, and so is the iRule workaround. You can also use an LTM Policy (Local Traffic > Policy) for the purpose.
- JorjjjNimbostratusHello It worked well with the iRule! What is the difference between using iRule & LTM Policies in my Use Case?
- Hannes_RappNimbostratusLTM Policy is visually appealing and easier to understand, typically preferred by "jack-of-all-trades" network admins. Deeply specialized F5 engineers prefer to use iRules because they can be used to solve problems where LTM Policy is lacking in functionality. You can also use a combination of both, no ultimate right or wrong here - do what makes the most sense to you.
- Jo_97199Nimbostratus
we have a VIPs for LTM and an ASM http profile assigned, working without any workaround in the irules. 11.6 HF4
- JorjjjNimbostratusHello Jo, Do you have an Application with WEB Socket traffic?
- Jo_97199Nimbostratus
yes, we have one but you were right. I double-checked it and my notes and as those VIP only host the websockets, we disabled the http profile there. That's the reason the irules are not enabled any more. sorry :(
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com