cancel
Showing results for 
Search instead for 
Did you mean: 
Angel_Martinez_
Nimbostratus
Nimbostratus

Problem this snippet solves:

If no servers are available in the pool serving an HTTPS Virtual Server, LTM will still perform the SSL handshake with the client (which is expected behaviour, and is required in order to allow LTM to process iRules and/or some HTTP profile options). To instead reject the connection when no pool members are available and avoid the delay incurred for the SSL handshake, you can use the following iRule.

Code :

# This event is triggered when a TCP connection is established with the client
when CLIENT_ACCEPTED {
   # Check if the default pool of the VIP has no active members
   if {[active_members [LB::server pool]] < 1}{
      # Disable the client SSL profile and send a TCP reset to the client
      SSL::disable
      reject
   }
}
Comments
JRahm
Community Manager
Community Manager
Contributed by macondo
Version history
Last update:
‎30-Jan-2015 04:56
Updated by:
Contributors