
Richard_22613
Apr 16, 2013

iRule to send to server by destination port

Hi All,

I'm new to the F5s, having used other LBs before, and am after a little assistance.

I have set up a VS listening on all ports, added the relevant SSL profiles to decrypt and re-encrypt, and added two pools as follows:

Pool 1 - One IP address pointing to port 443

Pool 2 - A different IP address pointing also to port 443.

I've then created an iRule, shown below, to allow incoming requests on port 443 to the VS to go to pool 1 (dst port 443) and incoming requests on port 8443 to go to pool 2 (dst port 443).

    when CLIENT_ACCEPTED {
        switch [TCP::local_port] {
            443 {
                pool LiveSite
                HSL::send [HSL::open -proto UDP -pool Syslog] "Client IP: [IP::client_addr] connected to local port [TCP::local_port], pool'd to LiveSite"
            }
            8443 {
                set port 443
                pool DevSite member
                HSL::send [HSL::open -proto UDP -pool Syslog] "Client IP: [IP::client_addr] connected to local port [TCP::local_port], pool'd to DevSite"
            }
            default {
                HSL::send [HSL::open -proto UDP -pool Syslog] "Client IP: [IP::client_addr] connected to local port [TCP::local_port], rejected"
                reject
            }
        }
    }

Pool 1 works fine, but requests to port 8443 get sent to pool 2 on port 8443 rather than 443 - I've proved this using tcpdump on the F5.

Any help would be much appreciated.

Thanks

Richard

2 Replies

  • Check your virtual server configuration to make sure Port Translation is enabled. Creating a virtual server that listens on 0 (* All Ports) will disable port translation by default.
  • Thanks very much for this, checked and it wasn't enabled.

    I've enabled it and all now is working great.

    Thanks again

    Richard
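
As an added example (not part of the original thread and not F5 code): a small Python audit that flags all-ports virtual servers with port translation disabled, the condition the first reply identifies, where the client's destination port is passed through to the pool member. The config text is constructed and assumes `tmsh list ltm virtual`-style stanzas with `destination <addr>:any` and `translate-port disabled` properties; the virtual server names and the `route_by_port` rule name are hypothetical.

```python
import re

# Constructed sample in the style of `tmsh list ltm virtual` output (assumed format).
SAMPLE_CONFIG = """\
ltm virtual vs_all_ports {
    destination 192.0.2.10:any
    pool LiveSite
    profiles {
        clientssl { context clientside }
    }
    rules { route_by_port }
    translate-port disabled
}
ltm virtual vs_https {
    destination 192.0.2.20:443
    pool LiveSite
}
ltm virtual vs_all_translated {
    destination 192.0.2.30:0
    translate-port enabled
}
"""

def parse_virtuals(text):
    """Return {name: {property: value}} using only top-level properties."""
    virtuals, current, depth = {}, None, 0
    for raw in text.splitlines():
        line = raw.strip()
        if depth == 0:
            m = re.match(r"ltm virtual (\S+) \{$", line)
            if m:
                current, depth = virtuals.setdefault(m.group(1), {}), 1
            continue
        before = depth
        depth += line.count("{") - line.count("}")
        if before == 1 and depth == 1 and line:  # skip nested blocks and closers
            key, _, value = line.partition(" ")
            current[key] = value
    return virtuals

def wildcard_without_port_translation(text):
    """Names of all-ports virtual servers that pass the client's port through."""
    findings = []
    for name, props in parse_virtuals(text).items():
        # IPv4-style "addr:port" only; "any" and "0" both mean all ports.
        port = props.get("destination", "").rsplit(":", 1)[-1]
        if port in ("any", "0") and props.get("translate-port") == "disabled":
            findings.append(name)
    return findings
```

Only an explicit `translate-port disabled` line is flagged; a stanza that omits the property is treated as not flagged, which is an assumption about how defaults are listed.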