Forum Discussion

Nimbostratus

Oct 10, 2017

SNI Based on IRule

I have a requirement to set SNI based on the incoming context for every subsequent requests by same client to the same back-end server. I have put the following in SERVERSSL_CLIENTHELLO_SEND ...

application delivery

LTM

Kai_Wilke

MVP

Oct 10, 2017

Hi Murugs,

to force an

SERVERSSL_CLIENTHELLO_SEND

event after each single

HTTP_REQUEST

event you would need to execute

[LB::detach]

on/after every single

HTTP_REQUEST

HTTP_RESPONSE

event. But this approach would hurt your overall performance and is absolutely NOT recommended...

I'd like to ask the question why do you need to do that?

You need SNI just to select a specific SSL cert on your web server. After the Server SSL handshake is completed, you can pump as many HTTP request over the established TCP connection / SSL session without the need to further manipulate server side SNI records.

Cheers, Kai

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SNI Based on IRule

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

Connection Rate Limit with log output

syslog over tcp and define management IP as source

Managing iRules configuration

Recommendation for Adv. Lab

Related Content

Serverside SNI injection iRule

SNI Routing with BIG-IP

How to Troubleshoot SNI

SNI Routing with DNS Lookup

iRule based RADIUS Client Stack

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS