Forum Discussion
sandy16
Altostratus
Altostratusirule for F5 to return a message/string
Folks,
i need to do load-balancing based on the "uri" in the url. I have this working BUT need the F5 to return a http code/message like"Use /dev or /qa to go to your environments" if no uri is matched. I don`t need to do a re-direct to another webserver as I do not have one that can send the same message.
Have the folowing irule -
when HTTP_REQUEST {
if {[HTTP::uri] contains "/dev"} {
pool dev-suite-pool
if {[HTTP::uri] contains "/qa"} {
pool qa-suite-pool
} else {
*****test message: please use /dev, or /qa or /uat to go to your respective environments"
}
}
Please advise?
23 Replies
- Kevin_Stewart
Employee
Something like the following should work:
HTTP::respond 200 content "Please use /dev, or /qa, or /uat to go to your respective environments" 
What_Lies_Bene1Cirrostratus
Thanks Kevin. You might want to add this after the string too (with thanks to nitass):noserver Content-Type "text/html" Connection "Close"
sandy16Thanks guys, bothering you all again -
I need to perform a end to end SSL in this kind situation. The VIP only takes one serverssl profile in it, as I have to associate atleast 3 server ssl profiles to my VIP, how do i achieve this?
Mohamed_LrhaziAltocumulus
I would suggest you started a new thread with appropriate subject line, and further expalin as much as you can what you need to do.
What do you mean by "end to end" SSL?
You need one serverssl profile per pool? per pool member?- Kevin_StewartCan you elaborate? By "end-to-end" do you mean decrypt and re-encrypt?
- sandy16yes...so from the user borwser its ssl, and then from the F5 to the end servers also it`s SSL.
- sandy16yes...so from the user borwser its ssl, and then from the F5 to the end servers also it`s SSL.
- Kevin_StewartSo assuming decrypt and re-encrypt, the iRule would be the same.
Do you need multiple server SSL profiles because they have significantly different settings? - sandy16you got it... i assume that all servers are going to have the same settings and will be signed by the same Internal CA. So keeping that in mind one server-ssl profile should be sufficient.
- Kevin_StewartCorrect, so unless you have separate security, cipher, or certificate requirements for each server side connection, you should be able to use the same server SSL profile.
