Forum Discussion
Racquel_Mays
Employee
EmployeeUse LTM Policies to Create a VIP listening on Specific Ports
All, we are moving from A10 to F5 LTM. With A10 we have 1 VIP, and up to 4 "service-groups" or pools serving 4 specific ports. My goal is to provide a similar functionality in the LTM using Local Tra...
#facepalm...notice the hidden option on the tcp port:
mine was remote by default, changing to local fixed the issue. Working policy that should help:
ltm policy allports_testpolicy { controls { forwarding } last-modified 2021-02-10:16:42:35 requires { tcp } rules { tcp-80 { actions { 0 { forward client-accepted select pool nerdlife_pool } } conditions { 0 { tcp client-accepted port local values { 80 } } } } tcp-8080 { actions { 0 { forward client-accepted select pool nerdlife_pool } } conditions { 0 { tcp client-accepted port local values { 8080 } } } ordinal 1 } tcp-all-else { actions { 0 { shutdown client-accepted connection } } conditions { 0 { tcp client-accepted port local not values { 80 8080 } } } ordinal 2 } } status published strategy first-match }
Racquel_MaysEmployee
EmployeeHello, I configured the policy. I have the pool members serve a simple web page, so I know end-to-end communication works. However, when I apply the policy I no longer get the page. However, using curl, I see that I get connected to the VIP along with GET. Instead of giving 200 OK, I get:
curl: (56) Recv failure: Connection reset by peer
* Rebuilt URL to: http://{IP Redacted}/
* Trying {IP Redacted}...
* TCP_NODELAY set
* Connected to {IP Redacted} ({IP Redacted}) port 80 (#0)
> GET / HTTP/1.1
> Host: {IP Redacted}.
> User-Agent: curl/7.54.0
> Accept: */*
>
* Recv failure: Connection reset by peer
* stopped the pause stream!
* Closing connection 0
curl: (56) Recv failure: Connection reset by peer