Forum Discussion
Use LTM Policies to Create a VIP listening on Specific Ports
- Feb 10, 2021
#facepalm...notice the hidden option on the tcp port:
mine was remote by default, changing to local fixed the issue. Working policy that should help:
ltm policy allports_testpolicy { controls { forwarding } last-modified 2021-02-10:16:42:35 requires { tcp } rules { tcp-80 { actions { 0 { forward client-accepted select pool nerdlife_pool } } conditions { 0 { tcp client-accepted port local values { 80 } } } } tcp-8080 { actions { 0 { forward client-accepted select pool nerdlife_pool } } conditions { 0 { tcp client-accepted port local values { 8080 } } } ordinal 1 } tcp-all-else { actions { 0 { shutdown client-accepted connection } } conditions { 0 { tcp client-accepted port local not values { 80 8080 } } } ordinal 2 } } status published strategy first-match }
From a management point of view, I personally think creating multiple Virtual Servers on separate ports is an easier and more understandable solution.
If you do want to create a single Virtual Server that listens on multiple ports, you can use a Traffic Matching Criteria on the virtual:
You have to create and assign the traffic-matching-criteria from the CLI, but you can use address lists and port lists, and can configure Source Address lists and destination address lists/destination port lists.
I agree Simon...Client does not want to use multiple virtual server instead want to use One VIP.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com