For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Thanadon_Wattan's avatar
Thanadon_Wattan
Icon for Nimbostratus rankNimbostratus
Oct 31, 2006

need help: https 1 VS to multiple pools by client IP

I would like to send traffic to different pool for different client IP in https connection. but I have no idea that I can write i-rule like this :

 

 

when CLIENT_ACCEPTED {

 

if { ( [IP::client_addr] == 10.20.30.40 ) and

 

( [TCP::local_port] == 443 ) } {

 

use pool gateway_3260

 

} else {

 

use pool gateway_443

 

}

 

}

 

 

Is it possible to do same as http in https connection

 

or i need to write it different.

 

 

more information :-

 

virtual server port : 443

 

F5 should not break ssl connection between client & server

 

or ssl should not terminate at F5

 

 

Thank you in advance for any idea,comment and help.

 

or let me know if you need more information.
application delivery
dev
devops
iRules

1 Reply

  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Oct 31, 2006
    If you want to have BIG-IP load balance the traffic to a pool of servers, you should be able to set up a standard TCP VIP on port 0 (any) and use the rule you listed above to route traffic based on client IP address and the requested port.

     

     

    However, based on the pool names you have listed, it looks like you might be wanting to use a forwarding VIP going to a pair of forwarding devices.

     

     

    If the latter is correct, check this thread (Click here) for some options and limitations on setting up a rule with a wildcard VIP.

     

     

    Aaron