User @alekseeh had a question that this group may be able to answer: https://community.f5.com/t5/technical-forum/f5-on-azure-behind-sdn/m-p/311896 Can someone please help them? ... View more

F5 Distributed Cloud (F5 XC) HTTP Health Checks (HC) behave differently from the basic HTTP Health Check from the beloved BIG-IP platform that F5 is known for. Because of this difference, some of your testing and real-world experiences may be a little different. One issue you may encounter is the difference in TCP/HTTP connection handling. On BIG-IP, the HTTP HC sends a HTTP/0.9 style GET request. With HTTP/0.9, there is no persistent TCP session, and every check is a brand-new request. By default, in F5 XC, XC will send HTTP/1.1 requests with the default behaviour of Connection: keep-alive set. This may result in Health Checks continuing to work even though new client sessions may be blocked. If this isn't desired for your health checks, you can change to a single use style health check by adding the HTTP header: Connection: Close to your health check. Here's a table that shows the GET requests and responses between BIG-IP and XC.  HTTP Requests BIG-IP Basic HTTP XC Basic HTTP Get Request Hypertext Transfer Protocol     GET /\r\n     \r\n     [HTTP request 1/1] Hypertext Transfer Protocol     GET / HTTP/1.1\r\n     host: demo.com\r\n     user-agent: Envoy/HC\r\n     \r\n     [Full request URI: http://demo.com/]     [HTTP request 1/1] Response Hypertext Transfer Protocol     HTTP/1.1 200 OK\r\n     X-Frame-Options: ALLOW-FROM \r\n     Content-Type: text/html; charset=utf-8\r\n     Vary: Accept-Encoding\r\n     Date: Tue, 21 Mar 2023 15:59:11 GMT\r\n     Connection: close\r\n     \r\n     [HTTP response 1/1]     [Time since request: 0.001904999 seconds]     [Request in frame: 14]     [Request URI: /] Hypertext Transfer Protocol     HTTP/1.1 200 OK\r\n     X-Frame-Options: ALLOW-FROM \r\n     Content-Type: text/html; charset=utf-8\r\n     Vary: Accept-Encoding\r\n     Date: Tue, 21 Mar 2023 16:18:44 GMT\r\n     Connection: keep-alive\r\n     Keep-Alive: timeout=5\r\n     Transfer-Encoding: chunked\r\n     \r\n     [HTTP response 1/1]     [Time since request: 0.080959858 seconds]     [Request in frame: 4]     [Request URI: http://demo.com/]     HTTP chunked response Here is the JSON payload to create your own Health Check with the Connection Close header set: {   "metadata": {     "name": "hc-http-connectionclose-200-302",     "namespace": "shared",     "labels": {},     "annotations": {},     "disable": false   },   "spec": {     "http_health_check": {       "use_origin_server_name": {},       "path": "/",       "use_http2": false,       "headers": {         "Connection": "Close"       },       "request_headers_to_remove": [],       "expected_status_codes": [         "200",         "302"       ]     },     "timeout": 3,     "interval": 15,     "jitter": 0,     "unhealthy_threshold": 1,     "healthy_threshold": 3,     "jitter_percent": 30   } } Thanks for reading and best of luck in your journey with F5 Distributed Cloud.  ... View more

Hi, I installed CE in our vCenter. I deployed 'certified Hardware' is 'vmware-regular-nic-voltmesh'. I wanna inside network connect to global network. The internal interface network is not allocated and an error message is displayed. How can I next action?  I can't find the this issues... ... View more

Here is a list of the F5 XC articles that were published lately on DevCentral in the Technical Articles section. If you find them useful, please give a Kudo. We appreciate it and we know the author would as well. F5 Hybrid Security Architectures (Part 1 - F5's Distributed Cloud WAF and BIG-IP Advanced WAF) F5 Hybrid Security Architectures (Part 2 - F5's Distributed Cloud WAF and NGINX App Protect WAF) End-to-End Fraud and Risk Detection with F5 Distributed Cloud Silverline DDoS capabilities are now available in F5 Distributed Cloud Using F5 Distributed Cloud AppStack & CE Site Survivability Easily Protect Your Applications from DDoS with F5 Distributed Cloud DDoS Auto-Mitigation Mitigation of OWASP API6: 2019 Mass Assignment vulnerability using F5 Distributed Cloud Platform Overview of Trusted Client IP Headers in F5 Distributed Cloud Platform Demo Guide & Video Series for F5 Distributed Cloud Network Connect (Multi-Cloud Networking) Prevention of OWASP API Security API2:2019 Broken Authentication using F5 Distributed Cloud Platform Mitigating OWASP Web App Top 10 2021 : A08-Software and Data Integrity Failures using F5 XC Platform Egress control for Kubernetes using F5 Distributed Cloud Services Comprehensive solution for OWASP Web App A09:2021 Security Logging & Monitoring Failures from F5 XC How To Protect Your Applications from Cross Site Request Forgery (CSRF) with F5 Distributed Cloud Bot Defense for Mobile Apps in XC WAAP Part 1: The Bot Defense Mobile SDK Deploy High-Availability and Latency-sensitive workloads with F5 Distributed Cloud Mitigation of OWASP Web Application Top 10 2021 A04:2021-Insecure Design using F5 XC platform ... View more