HTTPS

Nimbostratus

Sep 14, 2015

ip dns name-server 8.8.8.8 8.8.4.4 admin-status online ! phone-home userid "admin" secret encrypted "TxHkBemi7Yg=" ! interface em0 mtu 1500 ip address dhcp ip address 192.168.10.25 255.255.255.0 ! interface em1 mtu 1500 --More-- Building configuration...

! hostname LROS !

! ip dns name-server 8.8.8.8 8.8.4.4 admin-status online !

interface em0 mtu 1500 ip address dhcp ip address 192.168.10.25 255.255.255.0 ! interface em1 mtu 1500 no ip dhcp client request router ip address dhcp ip address 192.168.10.26 255.255.255.0 ! interface em2 mtu 1500 no ip dhcp client request router ip address dhcp ip address 192.168.10.5 255.255.255.0 ! ip route 0.0.0.0/0 192.168.10.251 ! ssl profile self-signed attach certificate self-signed attach key self-signed ! ssl profile ssl1 attach primary-certificate ssl-cert attach private-key ssl-key attach chain-certificate bundle cert-b ! ssl profile ssl_prof_init1 ! ssl profile ssl_prof.com attach certificate cert_prim.com attach key key.com attach chain-certificate cert_chain.com ! real-server base rsbase_web max-connections 1000 service http response-timeout 60 response-idle-timeout 60 keepalive-timeout 10 admin-status online ! real-server rs-rep1 ip 192.168.10.53 80 base rsbase_web real-server rss-rep1 ip address 192.168.10.53 443 service tcp attach ssl profile ssl1 admin-status online ! real-server rssweb1 ip address 192.168.10.3 443 service http attach ssl profile ssl1 admin-status online ! real-server rsweb1 ip 192.168.10.3 80 base rsbase_web ! ! virtual-ip vipSecondary ip address 127.0.0.1 15000 service http admin-status online ! virtual-ip vipsecondary1 ip address 127.0.0.1 18000 service tcp admin-status online ! virtual-ip vipsweb1 ip address 192.168.10.26 443 attach ssl profile ssl1 service http admin-status online ! virtual-ip vipweb1 ip address 192.168.10.26 80 admin-status online ! real-server group rsgroup_rep members by regex "rs-rep1" ! real-server group rsgroup_test members by regex "rsweb.*" members by regex "rs1" members by regex "rsweb1" ! virtual-server Webssilo1 service http attach virtual-ip vipsweb1 attach real-server rssweb1 weight 0 ! virtual-server vsSecondary lb-algorithm round-robin service http attach virtual-ip vipSecondary attach real-server rs-rep1 weight 0 ! virtual-server vsSecondary1 service tcp attach virtual-ip vipsecondary1 attach real-server rss-rep1 weight 0 ! virtual-server websilo1 lb-algorithm round-robin service http attach virtual-ip vipweb1 default attach real-server rsweb1 weight 0 ! ssh allow from any allow to any 22 ! rest-server allow from any allow to any 8443 attach ssl profile self-signed ! script TrafficS-replication source inline "ENDWORD_TrafficS-replication" var vsm = require('lrs/virtualServerModule'); var https = require('https');

function ReplicateTraffic(scenarioName, primaryVSName, secondaryPort) { var self = this; self.primaryVS = primaryVSName; self.port = secondaryPort;

//We need a secondary port that we expect is a loopback virtual IP that
//goes to the secondary virtual server like this:
//
//virtual-server vsSecondary
//  attach vipSecondary default
//  attach real-server group ... !your secondary servers here
//
//virtual-ip vipSecondary
//  admin-status online
//  ip address 127.0.0.1 15000 !15000 is the secondary port
//
//

vsm.on('exist', primaryVSName, function(vs) {
    vs.on('request', function(req, res, next) {
        self.replicate(req, res, next);
    });
});

}

ReplicateTraffic.prototype.cloneReq = function(req) { var newReq = https.request({ host: "127.0.0.1", port: this.port, method: req.method, path: req.url, headers: req.headers}, function() {}); return newReq; }

ReplicateTraffic.prototype.replicate = function(req, res, next) { if(req.method == 'GET' || req.method == 'HEAD') { // Only do GET and HEAD var newReq = this.cloneReq(req); // Loop request through a dummy vip newReq.on('response', function(res) { console.log('saw B resp'); }); newReq.end(); } next(); }

var repl = new ReplicateTraffic("xxx", 'Webssilo1', 18000); ENDWORD_TrafficS-replication admin-status online attach certificate bundle cert-b ! script traffic-replication source inline "ENDWORD_traffic-replication" var vsm = require('lrs/virtualServerModule'); var http = require('http');

function ReplicateTraffic(scenarioName, primaryVSName, secondaryPort) { var self = this; self.primaryVS = primaryVSName; self.port = secondaryPort;

//We need a secondary port that we expect is a loopback virtual IP that
//goes to the secondary virtual server like this:
//
//virtual-server vsSecondary
//  attach vipSecondary default
//  attach real-server group ... !your secondary servers here
//
//virtual-ip vipSecondary
//  admin-status online
//  ip address 127.0.0.1 15000 !15000 is the secondary port
//
//

vsm.on('exist', primaryVSName, function(vs) {
    vs.on('request', function(req, res, next) {
        self.replicate(req, res, next);
    });
});

}

ReplicateTraffic.prototype.cloneReq = function(req) { var newReq = http.request({ host: "127.0.0.1", port: this.port, method: req.method, path: req.url, headers: req.headers}, function() {}); return newReq; }

var repl = new ReplicateTraffic("xxx", 'websilo1', 15000); ENDWORD_traffic-replication admin-status online attach certificate bundle cert-b !

Forum Discussion

Recent Discussions

Problem with lets encrypt and redirect after update

Should config via cli rather than gui?

Is a Dedicated Interface, VLAN, and Self IP Required for a VIP in an F5 Configuration?

question about getting hsl data to be formatted properly in splunk

iRule for client certificate verification and inserting CN

Related Content

HTTPS to HTTP

What is HTTP Part X - HTTP/2

What is HTTP Part V - HTTP Profile Basic Settings

Http server node receives partial http request big-ip load balancer

HTTP and HTTPS on a single virtual server

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS