VIP listening on a port range

Question

Hi,&nbsp;
I have the following scenario.&nbsp;
F5: VIP with port range UDP 60007-60029
Pools : same members, with same port range 6007-60029 UDP mapped as follows:&nbsp;
VIP1 : IP1:60007 - POOL : members:60007&nbsp;
VIP1 : IP1:60008 - POOL : members:60008&nbsp;
Since there is a lot of redundancy in this configuration I would like to find a way of reducing the config overhead. Such as configuring an "any" port in the Virtual Server, then directing each request to a certain pool based on VS port. 
Any other suggestions?&nbsp;

youssef1 · Answer

Hi I think is a good way.
You can create just one VS with a wildcard port (your pool memeber have to be set in wildcard port too).
If you set a monitor you have to set it in transparent mode.
And create an irule in order to authorize the intended port...
when CLIENT_ACCEPTED { 
    if { [TCP::local_port] &gt;= 60007 &amp;&amp; [TCP::local_port] &lt;= 60029 } { 
         do nothing
    } else { 
        reject 
    }
}

stanislas_piro2 · Answer

Hi,&nbsp;
Best configuration when you create a virtual server listening on any port is to configure too the pool members with any port.&nbsp;
The client side destination port will be used for the server side destination port.&nbsp;

Forum Discussion

VIP listening on a port range

2 Replies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Checking for X-Forwarded-For against an Address Data-Group

SSL Bridging and FQDN rewrite Policy

Cisco TACACS+ Config on ISE LTM Pair

iRule causing requests to be duplicated (sometimes)

How can I get started with iCall

Related Content

Application Study Tool: Make Grafana Listen on HTTPS

F5 Distributed Cloud - Listener Logic

Policy to forward to a range of ports

Assistance with iRule using port ranges

How to listen to the DevCentral Podcasts

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS