For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Matthew_Moore_6's avatar
Matthew_Moore_6
Historic F5 Account
Oct 04, 2007

Traffic ignore for specific IP

Hi All,     I'm trying to get return traffic ignored by a transparent vip. The sender is a bluecoat and is sending response back to client on the same vlan as my transparent vip. This is the rul...
application delivery
dev
devops
iRules
Matthew_Moore_6's avatar
Matthew_Moore_6
Historic F5 Account
Oct 04, 2007
I'm in the midst of a PoC for an ISP, basically I have to fit in thier layer2 network and LB web traffic through to a pair of BlueCoats. The constraints are that I have to be in bridge mode and I can't change the source ip of the client.

 

 

My current config is multiple vlans inside a vlan group, (vlan21, 22 and 23), vlan21 is the user vlan, vlan22 is the internet vlan and vlan23 is one of the bluecoats. The vip is located on vlan21 and is a transparent wildcard virtual grabbing all port 80 traffic and directing it at the bluecoats in vlan23.

 

 

Without an irule, all traffic directed back to the client via vlan21 from vlan23 is cpatured again by the wildcard virtual. I need the irule to determine the source ip and if its the bluecoat, do not apply the virtual. When the irule is applied, the virtual stops working and all traffic from the client goes out through the layer2 gateway on vlan23.

 

 

M