One VServer, Multiple Pools and Forward Request to both Pools

MVP

Feb 10, 2017

Hi James,

LTM's build-in cloning functionality is only able to clone traffic on a OSI Layer2 level (aka. packet duplication) and is intended to send a carbon copy of the incomming traffic to an NIDS system.

To clone the incomming request to two distinct nodes/application pools (at least different L3/4 information), you have to write a more or less complicated iRule which:

Note: Asuming you're trying to clone request for a website.

Collects each incomming HTTP-Header and HTTP-Payload (if exists)
Constructs a new HTTP-Request based on the collected HTTP-Header and HTTP-Payload
Performs a handcrafted Load-Balaincing decission to choose a member of the second pool.
Connects to the selected member of the secondary pool via a dedicated
```
[SIDEBAND]
```
(with ability to parse the response) or
```
[HSL]
```
(one way communication) connection.
Send the collected HTTP-Request to the established connection to the secondary pool member.
Parses the response of the secondary pool member (if needed and [SIDEBAND] was used).
Releases the original incomming request (without any modifications) and and then passes the response back to the client.

Cheers, Kai

Forum Discussion

One VServer, Multiple Pools and Forward Request to both Pools

Recent Discussions

Errors in setup of BIGIP-NEXT CM VE on KVM

SEEK ADVICE FROM WEB BAILIFF CONTRACTOR ON STOLEN CRYPTO

AS3 Deployments (shared objects)

rSeries and tenant upgrades

iRule interpretation assistance

Related Content

Big-IP Reporting? Vserver traffic stats, etc.?

python f5-vserver-tool

F5 Distributed Cloud – Multiple custom certificates for HTTP/TCP LB

Can an i-rule redirect all traffic hitting a Forwarding IP vserver to a standard Vserver

Bidirectional Forwarding Detection (BFD) Protocol Cheat Sheet