For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

cymru81's avatar
cymru81
Icon for Altocumulus rankAltocumulus
Aug 12, 2019

irule pool member help

we have a VIP that currently uses this irule:   ## # Notify the backend servers that this traffic was SSL offloaded by the F5. ## when HTTP_REQUEST {  HTTP::header insert "X-Forwarded-Proto" ...
jonwest1_uk's avatar
jonwest1_uk
Icon for Cirrus rankCirrus
Aug 12, 2019

Hi Cymru81,

You can create a pool for each site then select which to direct traffic to based on the hostname. If the site is on both IIS servers include them both as members, if not just have 1 as a member.

ltm rule poolselect {
    when HTTP_REQUEST {
		HTTP::header insert "X-Forwarded-Proto" "https";
		HTTP::header remove "X-Forwarded-For"
		HTTP::header insert "X-Forwarded-For" [IP::client_addr] 
		
		set httphost [string tolower [HTTP::host]]
        switch -glob $httphost {
            "site1.com" {
                pool site1
            }
            "site2.com" {
                pool site2
            }
            "site3.com" {
                pool site3
            }			
            default {
                HTTP::respond 404 noserver
                TCP::close
                event disable all
            }
        }
    }
}