Forum Discussion
hc_andy_35682
Mar 22, 2010Nimbostratus
OneConnect and Proxy/Squid Load Balancing
Hi All,
We provide proxy services (http/https) to a large number of schools (each with their own static IP). Each school can have 1000's of connections to the virtual server at any time...
Spidey_29396
Feb 21, 2012Nimbostratus
Hi nitass,
We are configuring F5 to load balance squid web cache proxy:
This is the flow:
Client >> F5(rewrite) >>F5 forward to cache proxy servers>>Cache proxy servers >> F5(transparent) >> Client
Inbound and outbound traffic falls on the same VLAN. Using same interface
INBOUND: From internet to firewall to F5
OUTBOUND: F5 to Cache servers
VS is configured for the 2 cache servers
Used iRule to rewrite URL
Objective:
To be able to rewrite the URL and then gets passed to the cache servers after the rewrite.
Maintain the session
So traffic gets cached.
Client initiates HTTP request with URL: www.google.com.example.com.ph
With iRule,example.com.ph gets truncated, then returns back www.google.com to the client browser.
This is working, and F5 rewrites it
However, upon rewriting F5 must forward it to the cache servers.
Problem:
traffic is not getting a hit on the cache servers.
From the iRule, it seems that once URL is rewritten traffic gets redirected and doesn’t go to cache.
virtual LB-Voyager {
snat automap
pool LB_Voyager-MIB_3128
destination 10.128.142.60:http
ip protocol tcp
rules LB_Voyager6
persist beta_mysandbox_cookie_insert
profiles {
http_beta_mysandbox {}
tcp {}
}
}
}
pool LB_Voyager-MIB_3128 {
monitor all gateway_icmp and tcp_3128
members {
10.128.142.58:squid {}
10.128.142.61:squid {}
}
}
rule LB_Voyager6 {
when HTTP_REQUEST {
set host [string tolower [HTTP::host]]
set newhost [string map {".example.com.ph" ""} $host]
if {$host ne $newhost} {
HTTP::redirect "http://$newhost[HTTP::uri]"
}
}
but we are not hitting the servers.
- Mahmoud_ElSouryJul 14, 2015NimbostratusHi Spidey, Was the problem resolved, I have the same problem now.
- Spidey_29396Jul 15, 2015NimbostratusHi Mahmoud ElSoury, Unfortunate client didn't push thru with the project. Thanks! Ferdz
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects