Featured Group Content
This section shows featured content the Group Owner has highlighted.Group Content
failed to find TLS certificate objects, no entry finder provided
I'm trying to setup TLS @ the Cluster Level on the backend connection to the Origin Endpoint. The front end between the client and the HTTP load balancer works fine, but when i attempt to configure TLS @ the cluster level for a route, i get this error: failed to find TLS certificate objects, no entry finder provided when saving changes to the cluster in the gui. I'm quite certain i have the proper CA cert uploaded..and i've tried adding the trust chain into the same cert--both with or without the intermediate chain in the CA cert, i get the same error. Does anyone have any thoughts on what might be wrong here?62Views1like1CommentF5 Distributed Cloud HTTP Load balancer
I am trying to useF5 Distributed Cloud HTTP load balancer to select specific origin pool based on url hostname. Can you suggest how can I do it. On BIGIP-LIM we use irule and data group to accomplish that as we use multiple url behind same VIP. Thank you.1.5KViews2likes4CommentsNew feature required in XC ?
Hi, I have a suggestion regarding the F5 distributed cloud. Currently there is no feature available that can confirm that the configurations are successful, the only option we can see is the difference in configurations between old and new configurations. there should be an option which should able to confirm that whether the configuration is deployed or not. there is response option but it only shows {}. is there any such option available ?51Views0likes0CommentsNetwork connectors types ?
Hi All, Lets suppose we have two virtual networks in a site and they are of type "site local inside" or even if they are global. As mentioned in F5 documents virtual network is a kind of VRF where the end points are isolated on L3 level. So what network connector type can be used to connect both networks ? Because in this document "https://docs.cloud.f5.com/docs/how-to/networking/network-connectors" the only three options that we can use are mentioned in below snippet70Views0likes1CommentIs it possible to let the F5 XC provide different cerificate by path
Hi Everyone, The customer has an IoT server that provides different functions by path, and it's all HTTPS service. Only the path "/uisgw2/" needs to enable the mTLS during the SSL handshake. The other paths just provide a server cerificate without mTLS. I was wondering if is it possible to set up on F5 XC? Thanks in advanced DingSolved84Views0likes3CommentsHandling Contract Violations (Traffic or QPS) in F5 Distributed Cloud Services
Hello everyone, I’m currently evaluating F5 Distributed Cloud Services for our organization’s needs and I have a question regarding the management of contract violations, specifically in terms of web traffic or queries per second (QPS). Could someone please explain how F5 Distributed Cloud Services handles scenarios where the agreed traffic or QPS limits are exceeded? Are there automated mechanisms in place to manage or mitigate these violations? What kind of alerts or notifications are provided? Is there a provision for throttling or other corrective actions to prevent service degradation? How does this impact billing or service continuity? Any insights or detailed explanations would be greatly appreciated. Thank you!32Views0likes0CommentsHow to check tenant billing license start date and Expiry date in F5 Distributed Cloud Console
Hello Everyone, I would like to know about license start date and expiry date in F5 Distributed Cloud Console. I can't find license start date and expiry date. That's why, please give me guide line and suggest. Thanks.41Views0likes0CommentsF5 XC | Rewrite Redirect functionality
Hi together, for the migration to F5 XC we need to change the location header for certain responses (301,302) to match the hostname of the XC instance. Is there currently a way to configure a rewrite redirect to an F5 XC virtual server? I also couldn't find a configuration option that allows response header manipulation. I am grateful for any hint. Update: i found a feature Request for that functionality: https://www.f5cloudideas.com/ideas/MESH-I-149 but if there are any other ideas pls share with me 🙂1.6KViews0likes8CommentsA quick post on how F5 XC Health Checks are different from BIG-IP
F5 Distributed Cloud (F5 XC) HTTP Health Checks (HC) behave differently from the basic HTTP Health Check from the beloved BIG-IP platform that F5 is known for. Because of this difference, some of your testing and real-world experiences may be a little different. One issue you may encounter is the difference in TCP/HTTP connection handling. On BIG-IP, the HTTP HC sends a HTTP/0.9 style GET request. With HTTP/0.9, there is no persistent TCP session, and every check is a brand-new request. By default, in F5 XC, XC will send HTTP/1.1 requests with the default behaviour of Connection: keep-alive set. This may result in Health Checks continuing to work even though new client sessions may be blocked. If this isn't desired for your health checks, you can change to a single use style health check by adding the HTTP header: Connection: Close to your health check. Here's a table that shows the GET requests and responses between BIG-IP and XC. HTTP Requests BIG-IP Basic HTTP XC Basic HTTP Get Request Hypertext Transfer Protocol GET /\r\n \r\n [HTTP request 1/1] Hypertext Transfer Protocol GET / HTTP/1.1\r\n host: demo.com\r\n user-agent: Envoy/HC\r\n \r\n [Full request URI: http://demo.com/] [HTTP request 1/1] Response Hypertext Transfer Protocol HTTP/1.1 200 OK\r\n X-Frame-Options: ALLOW-FROM \r\n Content-Type: text/html; charset=utf-8\r\n Vary: Accept-Encoding\r\n Date: Tue, 21 Mar 2023 15:59:11 GMT\r\n Connection: close\r\n \r\n [HTTP response 1/1] [Time since request: 0.001904999 seconds] [Request in frame: 14] [Request URI: /] Hypertext Transfer Protocol HTTP/1.1 200 OK\r\n X-Frame-Options: ALLOW-FROM \r\n Content-Type: text/html; charset=utf-8\r\n Vary: Accept-Encoding\r\n Date: Tue, 21 Mar 2023 16:18:44 GMT\r\n Connection: keep-alive\r\n Keep-Alive: timeout=5\r\n Transfer-Encoding: chunked\r\n \r\n [HTTP response 1/1] [Time since request: 0.080959858 seconds] [Request in frame: 4] [Request URI: http://demo.com/] HTTP chunked response Here is the JSON payload to create your own Health Check with the Connection Close header set: { "metadata": { "name": "hc-http-connectionclose-200-302", "namespace": "shared", "labels": {}, "annotations": {}, "disable": false }, "spec": { "http_health_check": { "use_origin_server_name": {}, "path": "/", "use_http2": false, "headers": { "Connection": "Close" }, "request_headers_to_remove": [], "expected_status_codes": [ "200", "302" ] }, "timeout": 3, "interval": 15, "jitter": 0, "unhealthy_threshold": 1, "healthy_threshold": 3, "jitter_percent": 30 } } Thanks for reading and best of luck in your journey with F5 Distributed Cloud.1.7KViews8likes2Comments
About Distributed Cloud Users
Discuss the integration of security, networking, and application delivery services
Owned by: Rebecca_Moloney, DinaS, mlangdon, and LiefZimmermanCreated: 3 years agoOpen Group
Boards
XC Users Forum
Open conversations with staff and peers about F5 Distributed Cloud Services.
Nov 08, 202429 Posts XC Users Articles
Authoritative information from F5 Distributed Cloud Services subject matter experts for you, the community.
Dec 18, 202412 Posts XC Users Suggestions
Provide ideas and feedback to F5 staff on how to improve the usefulness of this community group.
0 Posts