bibilthaysose
Jun 08, 2022Altocumulus
How many layers is too many layers of Virtual Servers?
I am trying to set up a multi-layered proxy in an F5 LTM. Layer 1 policy forwards requests to layer 2 virtual servers based on the first segment of the path, layer 2 policy then does more intensive examination and acts on requests and acts on them accordingly by either forwarding them to pools, redirecting, or if no other policies match, they forward to a 3rd layer which unconditionally serves a standard 404. AS3 Example:
Layer 1 policy:
...
{
"name": "w3echo_delta",
"conditions": [
{
"type": "httpUri",
"event": "request",
"path": {
"operand": "equals",
"values": [
"/w3echo/delta"
]
}
}
],
"actions": [
{
"type": "forward",
"event": "request",
"select": {
"service": {
"bigip": "/tenant/app/serviceMain"
}
}
},
{
"type": "httpHeader",
"event": "response",
"remove": {
"name": "Server"
}
}
]
}, ...
Layer 2 policy:
...
{
"name": "A_default",
"conditions": [
{
"type": "httpUri",
"event": "request",
"path": {
"operand": "starts-with",
"values": [
"/w3echo/delta/"
]
}
}
],
"actions": [
{
"type": "forward",
"event": "request",
"select": {
"pool": {
"use": "pool_0"
}
}
},
{
"type": "httpHeader",
"event": "request",
"replace": {
"name": "Host",
"value": "w3proxy-tester-delta.host.com"
}
}
]
},
...
Fall through layer 2 policy:
...
{
"name": "A_catch_all",
"conditions": [
{
"type": "httpUri",
"event": "request",
"path": {
"operand": "starts-with",
"values": [
"/w3echo/delta/"
]
}
}
],
"actions": [
{
"type": "forward",
"event": "request",
"select": {
"service": {
"bigip": "/tenant/fallthru_app/serviceMain"
}
}
}
]
}
...
My question is whether this will put undue strain on the LTMs, and whether there's a more efficient/elegant way to do this. I'm not an expert at LTM policy rules by any stretch, so please excuse my ignorance 😄