Forum Discussion
Surendar1
Nimbostratus
NimbostratusCreate One VirtualServer[VIP] with Multiple Ports
Hi, Currently the setup I have is, on a single partition I have 100+ VIP's with same ip, pointing to different ports. The reason for this setup is, we have postgres & redis-opendb database running o...
Surendar1Nimbostratus
Nimbostratusin that case, will it not be a multiple VIP entries?
PhatANhappy
MVP
MVPf5 will answer listen most specific to least specific. you can apply both in some cases -I have setup 3 vips on one IP address
80----8080, 443 --- 8443, and also a wild card to pickup a range :0 to :0
I prefer to set the firewall rule to limit the port range at layer 3/4, setting the ingress firewall rule to allow 80,443, 10000-20000.
in that case - pattern match for 80/443 will do a redirect as needed - and the f5 will take all other ports "that arrive" on the interface as a 1:1 mapping 10000---10000, 10001-10001 etc. since the firewall (ingress rule) is restricted to the range, traffic will not arrive on ports 20 or 21 or 40,000....
if all your mappings are straight across 80-80, 443-443 ---- you can use a wildcard for all of them, keeping in line with the firewall rule to prevent the bad.