Forum Discussion
Racquel_Mays
Feb 09, 2021Employee
Use LTM Policies to Create a VIP listening on Specific Ports
All, we are moving from A10 to F5 LTM. With A10 we have 1 VIP, and up to 4 "service-groups" or pools serving 4 specific ports. My goal is to provide a similar functionality in the LTM using Local Tra...
- Feb 10, 2021
#facepalm...notice the hidden option on the tcp port:
mine was remote by default, changing to local fixed the issue. Working policy that should help:
ltm policy allports_testpolicy { controls { forwarding } last-modified 2021-02-10:16:42:35 requires { tcp } rules { tcp-80 { actions { 0 { forward client-accepted select pool nerdlife_pool } } conditions { 0 { tcp client-accepted port local values { 80 } } } } tcp-8080 { actions { 0 { forward client-accepted select pool nerdlife_pool } } conditions { 0 { tcp client-accepted port local values { 8080 } } } ordinal 1 } tcp-all-else { actions { 0 { shutdown client-accepted connection } } conditions { 0 { tcp client-accepted port local not values { 80 8080 } } } ordinal 2 } } status published strategy first-match }
JRahm
Feb 10, 2021Admin
#facepalm...notice the hidden option on the tcp port:
mine was remote by default, changing to local fixed the issue. Working policy that should help:
ltm policy allports_testpolicy {
controls { forwarding }
last-modified 2021-02-10:16:42:35
requires { tcp }
rules {
tcp-80 {
actions {
0 {
forward
client-accepted
select
pool nerdlife_pool
}
}
conditions {
0 {
tcp
client-accepted
port
local
values { 80 }
}
}
}
tcp-8080 {
actions {
0 {
forward
client-accepted
select
pool nerdlife_pool
}
}
conditions {
0 {
tcp
client-accepted
port
local
values { 8080 }
}
}
ordinal 1
}
tcp-all-else {
actions {
0 {
shutdown
client-accepted
connection
}
}
conditions {
0 {
tcp
client-accepted
port
local
not
values { 80 8080 }
}
}
ordinal 2
}
}
status published
strategy first-match
}
- Racquel_MaysFeb 10, 2021Employee
This looks great! Testing now. Will update.
- Racquel_MaysFeb 11, 2021Employee
It's working! I'm doing the fine tuning that Daniel spoke now. Great work. Also. Are you the one of the "F5 YouTube Stars"? You look like one of them :).
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects