F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Kenny_Van_73892's avatar
Kenny_Van_73892
Icon for Nimbostratus rankNimbostratus
Jun 29, 2005

direct ssl traffic to specified member within a pool by irule?

I have a situation and need some advices.   Let say I have a pool called Webpool and it contents 10.10.0.1, 10.10.0.2, 10.10.0.3. The 10.10.0.1 and 10.10.0.2 host non-secure contents that are f...
application delivery
dev
devops
iRules
v4
bknotwell_12713's avatar
bknotwell_12713
Historic F5 Account
Jun 29, 2005
Hi Kenny--

 

 

Unless I don't understand what you want, you're making your life harder than necessary. Something like the following ought to be adequate:

 

 

o create a pool containing 10.10.0.1 and 10.10.0.2

 

 

o create a virtual server on port 80 that references that pool. NB: for extra credit, you create a rule that discards all requests to the admin uri (assumption: the webservers will respond to requests for that uri. If they don't, you're fine with the pool).

 

 

o create a pool containing 10.10.0.3

 

 

o create a virtual server (same address as before if you'd like) on port 43 that references that pool. If necessary (and directly on-topic), you could then create a class of allowed ip addresses and use a rule to ensure connections to that virtual server only come from approved* addresses while discarding all other requests.

 

 

*see the documentation on classes, the "one of" operator, and the client_addr operand.

 

 

Good luck!

 

 

 

 

Good luck!