Forum Discussion
Nimbostratusunderstanding ltm policy
-
For your "myhttp" policy, there is a rule attached which is not provided here. But it looks at the rules (only 1 in this case), and upon the first match, it stops processing and performs the associated action. If there were more than one rule, none would be processsed after the first match. The "forwarding" control means that the rule action will be something like choosing a pool member, inserting a header, applying SNAT, etc.
-
Strategy "all-match" means that it doesnt stop processing after the first match. You may have multiple rules to apply to the traffic. All of them will be evaluated.
-
Best match strategy means that only the most specific match will be processed.
See the following articles: https://devcentral.f5.com/articles/ltm-policy-matching-strategies-20834 https://devcentral.f5.com/articles/ltm-policy
bluestar007_339Hi, For your "myhttp" policy, there is a rule attached which is not provided here.
Actually I did not find anything other than below
rules { myrule1 {
ordinal 1 } Does it mean there is no proper rule defined ? ThanksId looks like no rule is defined, correct. There should be an action and condition. See the example in the following article:
https://support.f5.com/csp/article/K15097
- bluestar007_339
Hi, Can you give an example policy for forcing hsts ?
It would be great help
Thanks
There is an example in this article that also includes a lightboard session.
 
https://devcentral.f5.com/s/articles/whiteboard-wednesday-http-strict-transport-security
 
- bluestar007_339
Hi, This link I have referred earlier .My doubt Is once I created the policy , How would I enforce this policy Thanks
The policy must be applied to the http virtual server which should also have an http profile. The HSTS header should force the browser to use https for the max-age period.
