Forum Discussion
chabakro
Nimbostratus
Nimbostratusload balance based on payload data
Hi,
I need your help to do a "custom L7 load balancing" :
we are using F5 LTM to load balance a proprietary protocol and we would like to redirect some requests that contains a specific string to a different server/pool,
is this something we can do with irules ?
can we use Message routing framework (MRF) to achieve this ?
thank you
jaikumar_f5MVP
,
I'd try something like below, have done payload manipulation in the past, so i assume it should work.
Keep us posted/.
ltm rule test_rule { when CLIENT_ACCEPTED { set ltm_trace [string range [AES::key 256] 15 23] set vip [findstr [virtual name] "" 8 ] log local0. "LTM_TRACE=$ltm_trace VIP=$vip CLIENT=[IP::client_addr] has established a connection" } when CLIENTSSL_HANDSHAKE { SSL::collect } when CLIENTSSL_DATA { # Do not log fullpayload as it may contain sensitive information #log local0. "LTM_TRACE=$ltm_trace VIP=$vip FULLPAYLOAD=[SSL::payload]" if { [SSL::payload] contains "magic" } { pool magic_pool log local0. "LTM_TRACE=$ltm_trace VIP=$vip --> Pool=magic_pool" } else { pool default_pool log local0. "LTM_TRACE=$ltm_trace VIP=$vip --> Pool=default_pool" } SSL::release } when CLIENT_CLOSED { log local0. "LTM_TRACE=$ltm_trace VIP=$vip CLIENT=[IP::client_addr] connection is closed" } }
SamirThese kind of senerio not seen but try MRF and update us also.. thanks
chabakrocan something like this work ?
when CLIENT_ACCEPTED {
TCP::collect 100
}
when CLIENT_DATA {
set payload [TCP::payload]
if { $payload contains "magic" } {
pool magic_pool
} else {
pool default_pool
}
}
Something like that might work, but only if the TCP payload is in clear text and not encrypted, as with SSL/TLS.
- jaikumar_f5
As long as SSL Offload is there, it should be doable I believe. Like below code snippet Ive shared.