Forum Discussion
Brian_Dantzig
Nimbostratus
NimbostratusSelectivly send requests to encrypted or non-encrypted pools
I have a web page that populates a framset with objects from two different pools. One is an encrypted (ssl) connection and the other is unencrypted.
My virtual server has both client ssl and server ssl profiles. The default pool is set to the pool with the encrypted servers.
It appears that once the ssl is disabled for the unencrypted server, it also turns off ssl for the encrypted server.
.
when HTTP_REQUEST {
if { ([HTTP::path] starts_with "/irj") } {
pool test-pool
}
}
when SERVER_CONNECTED {
if {[LB::server pool] == "test-pool"} {
{SSL::disable}
}
}
hoolioCirrostratus
You could explicitly add a default case to the iRule or add a OneConnect profile to the virtual server to prevent this.when CLIENT_ACCEPTED { Save default pool name set default_pool [LB::server pool] } when HTTP_REQUEST { if { ([HTTP::path] starts_with "/irj") } { pool test-pool } else { pool $default_pool } } when SERVER_CONNECTED { if {[LB::server pool] eq "test-pool"} { SSL::disable } }
For details on OneConnect and pool selection you can review Deb's articles linked from this post:
http://devcentral.f5.com/Default.aspx?tabid=53&view=topic&postid=30865&ptarget=30875
and here:
http://devcentral.f5.com/Default.aspx?tabid=53&forumid=5&tpage=1&view=topic&postid=3392157229
Aaron