Forum Discussion
NimbostratusSite Down Page
We have been developing iRules that redirect clients to a site down page hosted on an IIS server when a pool is down. This has been working well. However, we have cases where the F5 does not do the SSL Offload for an application and does not have a http profile applied. We are trying to do the same type of redirect when the VIP only has a TCP profile applied to it. Does anyone have any suggestions on how to do this? All ideas are appreciated.
3 Replies
- Kevin_Stewart
Employee
You're really stuck manipulating layers 3 and 4 without being able to terminate the SSL. Here's a thought.
You'll need an IIS "down" server that listens on 443, and then simply redirect to this node (or pool) if the health monitors have marked all of the application servers down.
when CLIENT_ACCEPTED { if { [active_members app_pool] < 1 } { pool down_pool } } 
Joe_Curl_105786Kevin,
We planned on having the pages on a seperate web server. We really did not want to have the html code on the F5. I will look into this one and see what we can do. Thanks for the input.
- Kevin_Stewart
My suggestion was that you have a separate IIS server for the "site down" content that is listening of port 443 (HTTPS). When the BIG-IP health monitor detects an outage, it'll just swing the traffic to this pool without decrypting.
