For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Moe961-9_327644's avatar
Moe961-9_327644
Icon for Nimbostratus rankNimbostratus
Jul 24, 2017

Virtual Server Profiles

Hi   I have an LTM policy that redirects traffic based on host name to multiple virtual servers.   On the main virtual server where the LTM policy is allowed, I have DoS protection and persist...
application delivery
LTM
Jad_Tabbara__J1's avatar
Jad_Tabbara__J1
Icon for Cirrostratus rankCirrostratus
Jul 24, 2017

Hello Moe,

 

If you have one generic DoS profile, you can leave it at the parent VS.

 

For persistence, I don't think it will work correctly if you put it on the parent.

 

You should put it on each child VS. Indeed, the load balancing decision is made by child VSs and the persistence is also determined based on pool members. For example, if you use "source addr" persistence the F5 will keep a table with following information: "source addr" => "node addr" It means that if you come with a specific "source_IP" trafic will be directed to the corresponding "node addr".

 

If you put the persistance on the parent VS that does not have any "default pool" it can't determine to which "node addr" it will send the data.

 

Regards,