Forum Discussion
Mark_Givens_877
Nimbostratus
Oct 14, 2005
iRule help with ports and pools
I need to create an iRule that will redirect incoming connections for certain ports to specific pools. I'm not sure how to do it. I found an example for something similar for v.4. I need to do the same thing but for v.9. I also need to specify a pool for more than one port. Using the 4.x example below, I would need Pool1 to be used if ports 4080 through 4085 were accessed. Is there a way to specify a range of ports instead of ==?
rule AppMgt {
    if (ip_protocol == 6 and server_port == 4080) {
        use ( Pool1 )
    }
    else if (ip_protocol == 6 and server_port == 5080) {
        use ( Pool2 )
    }
    else if (ip_protocol == 6 and server_port == 9080) {
        use ( Pool3 )
    }
    else {
        discard
    }
}
Thanks for the help!!
12 Replies
- Brian_Gupta_115
Nimbostratus
Please read the following thread:
Click here
-Brian
P.S. - You don't need an iRule. Let us know if you have further questions.
- Brian_Gupta_115
Nimbostratus
Actually, how many ports are we talking about? An iRule may help if it's a very large number....
- drteeth_127330
Historic F5 Account
Are you directing traffic according to the destination port of the client request? If so, then why not set up a separate vip for each port that is a special case?
- Mark_Givens_877
Nimbostratus
I'd like to be able to set up a VIP for each port but it isn't that simple. I'm replacing Cisco Local Directors with BIG-IP's. The infrastructure is in place and I'm not supposed to change anything on the network with the exception of the load balancers. Currently the VIP's on the Local Director load balance multiple ports. For instance, one VIP is used for 10 different ports on a group of load balanced servers. Another VIP is for 4 ports. With a Local Director you can bind multiple ports to a single VIP but you can't with a BIG-IP. I didn't configure the Local Directors. I figured that an iRule that would direct traffic sent to specific server ports to different pools would be the best solution. An F5 engineer mentioned that I could assign port 0 to the VIPs and pools which would load balance all traffic. I might have to do that if an iRule doesn't work. I would rather lock things down somewhat than allow all traffic if at all possible.
Thanks for the help!
- Brian_Gupta_115
Nimbostratus
I think there is a disconnect. In F5 terminology a VIP is an IP-Address/Port combination. Multiple VIPs can listen on the same IP address.
Those VIPs can all use the same pool/rules and load balancing algorithm... It is in effect the same thing as a Cisco VIP listening on multiple ports. You just need to conceptualize it a little differently.
-Brian
P.S. - Your F5 rep was correct to tell you that a VIP can listen on port 0 (meaning all). It is normally used for different purposes however (e.g. a forwarding IP).
- Mark_Givens_877
Nimbostratus
I realize that setting up a VIP for each port will work too. The reason I don't want to do that is for administrative purposes. The BIG-IP would have a few dozen VIP's if I did that. I figured there should be a way to use an iRule to accept traffic on a single VIP and send it to the appropriate pools which would make configuration and management much simpler.
Thanks again.
- drteeth_127330
Historic F5 Account
Yes, you can do it with an iRule. However, I'm going to recommend that you set up multiple vips. It's more efficient that way. The iRule would look something like this:
when CLIENT_ACCEPTED {
    if {[TCP::local_port] == 4080} {
        pool Pool1
    } elseif {[TCP::local_port] == 5080} {
        pool Pool2
    } elseif {[TCP::local_port] == 9080} {
        pool Pool3
    }
}
- Mark_Givens_877
Nimbostratus
Thanks for the advice/assistance drteeth and brandorr. Much appreciated.
- Jessica_42876
Nimbostratus
Hi! Good morning! I have a problem, I need to create in only one pool many ports with their VS,
- hoolio
Cirrostratus
Hi Jessica,
Can you clarify what you're trying to accomplish?
Do you want to allow clients to connect to the same virtual server using many different destination ports? If so, you could configure the virtual server and pool members on port 0 (any) and then use an iRule to restrict which ports are accessible. See this thread for an example:
http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/50/afv/topic/aft/1174676/aff/5/showtab/groupforums/Default.aspx
If that's not what you're trying to do, can you explain further?
Thanks, Aaron
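Added example (editor's illustration, not part of any post in this thread): an iRule for a TCP virtual server listening on port 0 that sends the port range from the original question (4080 through 4085) to Pool1, ports 5080 and 9080 to Pool2 and Pool3, and refuses every other destination port. It assumes v9-style iRule syntax and that the pools named in the thread already exist.

```tcl
# Added example, not from the thread. Assumes a TCP virtual server on port 0
# and existing pools named Pool1, Pool2 and Pool3 (names taken from the thread).
when CLIENT_ACCEPTED {
    # Destination port the client connected to on the virtual server
    set port [TCP::local_port]

    if { $port >= 4080 && $port <= 4085 } {
        # One range comparison replaces six separate == tests
        pool Pool1
    } elseif { $port == 5080 } {
        pool Pool2
    } elseif { $port == 9080 } {
        pool Pool3
    } else {
        # Default deny: a port-0 virtual server accepts every port, so
        # anything not explicitly mapped above is refused here.
        # Logging every refusal can be noisy under scanning; remove the
        # log line or rate-limit it if that becomes a problem.
        log local0. "Rejected [IP::client_addr] to port $port (not in allowed list)"
        # reject sends a TCP reset; use drop instead to discard silently,
        # which is closer to the 4.x rule's discard.
        reject
    }
}
```

The final else branch is what keeps the port-0 listener from exposing every port on the pool members, so it should stay in place whenever ports are added or removed from the mapping.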