F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Murugs_322349's avatar
Murugs_322349
Icon for Nimbostratus rankNimbostratus
Oct 10, 2017

SNI Based on IRule

I have a requirement to set SNI based on the incoming context for every subsequent requests by same client to the same back-end server.   I have put the following in SERVERSSL_CLIENTHELLO_SEND ...
application delivery
LTM
Kai_Wilke's avatar
Kai_Wilke
Icon for MVP rankMVP
Oct 10, 2017

Hi Murugs,

to force an 

SERVERSSL_CLIENTHELLO_SEND
event after each single 
HTTP_REQUEST
event you would need to execute 
[LB::detach]
on/after every single 
HTTP_REQUEST
or 
HTTP_RESPONSE
event. But this approach would hurt your overall performance and is absolutely NOT recommended...

I'd like to ask the question why do you need to do that?

You need SNI just to select a specific SSL cert on your web server. After the Server SSL handshake is completed, you can pump as many HTTP request over the established TCP connection / SSL session without the need to further manipulate server side SNI records.

Cheers, Kai