Forum Discussion
NimbostratusIrule to redirect 1 virtual server to multiple pools
Hi, In our lab enviornment we have a virtual server that function as a reverse proxy and configured to accept TCP profile only because we are using a self signed certificate. Today I got a request to add additional pool for another url. My question is: Because I cannot add http profile to the virtual server is there any option to create an irule that redirects the request to different urls (pools) but uses the same virtual server on client_accepted event? for example: when Client_accepted { switch (the parameter I'm trying to figure out what it is) { "myurl1.com" {pool mypool1} "myurl2.com" {pool mypool2} } }
Thanks in advance, Omer.
3 Replies
Arnaud_LemaireEmployee
if you stick to TCP you can only use L3/L4 information to direct users.
i don't get your point why you cannot use L7 virtual with http profile and ssl profile ?
tatmotivCirrostratus
Why would a self signed certificate prevent you to add an http profile to the virtual?
Did you mean you need different certs depending on the host header in the request? If that's the case, you could try to use SNI (server name indication) in the clientssl profile on your Big IP and thus be able to deliver several certificates from the same ip/port depending on the host being requested. Then, you can also deploy an http profile and have an iRule react on HTTP host / URI or such.
See here for details about SNI.
HTH
Martin
Vijay_ECirrus
You would probably have to utilize some kind of TCP::collect in order to make decision without using http profile.
If you would like to use SSL off-loading, it should be straightforward with HTTP profile and SSL terminated on the F5. You can also re-encrypt the traffic and send encrypted traffic to server using serverside SSL.
