Forum Discussion
NimbostratusBIG IP LTM - Multiple application on single VIP with multiple ports allowed.
Dear Community,
I have a requirement with the following setup and would like to understand if it's possible from F5 LTM.
The setup is that there is a VIP on which 3000 ports are allowed i.e. from 30000-33000.
Behind the VIP there are 2 nodes in the pool on which port 0 i.e. all the ports are allowed.
There will be 300 different applications running on the VIP so 300 ports will be used from available 3000.
The requirement is that when the user tries to connect to one application, the VIP should check node 1 and if the port for that specific application is active it should forward the request to node 1 but if the port is down then it should forward the request to the node 2.
Is this kind of setup possible for such large number of applications running on single vip using iRule/load balancing method or any other way?
If yes, then what iRule/method will be used here.
Setup is shown in the attached image, Thank you for the response in advanced.
Regards
1 Reply
- Aswin_mk
MVP
HEllo ,
You can configure a virtual server to listen on a range of ports, or a list of specific ports, instead of a single port. Currently, this must be done using iRules. For security reasons, when you configure an iRule to specify a range of ports, or a list of specific ports, for a virtual server, you should use the reject iRules command because it triggers the BIG-IP LTM system to reject connections that do not fall within the specified range of ports, or matches the specific ports listed.
when CLIENT_ACCEPTED {
if {([TCP::local_port] >= <start port> && [TCP::local_port] <= <end port> ) } {
return )
else reject
}BR
Aswin
