NimbostratusHello,
We would like to take advantage of the BIG-IP `Port List` feature to reduce the number of virtual servers.
Unfortunately I couldn’t find a way to associate an existing `Port List` with a virtual server through the REST API.
Could someone point me to the right endpoint?
I'm not a REST API expert but I did some experimenting by creating a virtual server that uses a port list. The virtual server's definition looks like this when extracted via a REST API call, as follows (look for the start and end of "IMPORTANT STUFF"):
curl -sku admin:f5trn4 https://X.X.X.X/mgmt/tm/ltm/virtual/https_vs
{
"kind":"tm:ltm:virtual:virtualstate",
"name":"https_vs",
"fullPath":"https_vs",
"generation":884,
"selfLink":"https://localhost/mgmt/tm/ltm/virtual/https_vs?ver=14.1.0",
"addressStatus":"yes",
"autoLasthop":"default",
"cmpEnabled":"yes",
"connectionLimit":0,
"creationTime":"2020-12-18T17:30:42Z",
"destination":":0",
"enabled":true,
"gtmScore":0,
"ipProtocol":"tcp",
"lastModifiedTime":"2021-02-08T23:31:41Z","mask":"255.255.255.255",
"mirror":"disabled",
"mobileAppTunnel":"disabled",
"nat64":"disabled",
"pool":"/Common/https_pool",
"poolReference":{
"link":"https://localhost/mgmt/tm/ltm/pool/~Common~https_pool?ver=14.1.0"
},
"rateLimit":"disabled",
"rateLimitDstMask":0,
"rateLimitMode":"object",
"rateLimitSrcMask":0,
"serviceDownImmediateAction":"none",
"source":"0.0.0.0/0",
"sourceAddressTranslation":{
"type":"automap"
},
"sourcePort":"preserve",
"synCookieStatus":"not-activated",
******* START IMPORTANT STUFF *******
"trafficMatchingCriteria":"/Common/https_vs_VS_TMC_OBJ",
"trafficMatchingCriteriaReference":{
"link":"https://localhost/mgmt/tm/ltm/traffic-matching-criteria/~Common~https_vs_VS_TMC_OBJ?ver=14.1.0"
},
******* END IMPORTANT STUFF *******
"translateAddress":"enabled",
"translatePort":"enabled",
"vlansDisabled":true,"vsIndex":4,
"policiesReference":{
"link":"https://localhost/mgmt/tm/ltm/virtual/~Common~https_vs/policies?ver=14.1.0",
"isSubcollection":true
},
"profilesReference":{
"link":"https://localhost/mgmt/tm/ltm/virtual/~Common~https_vs/profiles?ver=14.1.0",
"isSubcollection":true
}
}The key seems to be the traffic-matching-criteria option on the virtual server's configuration and also the fact that the virtual server's destination setting has no IP address and port is any.
I checked the reference link on the traffic-matching-criteria and came up with the following:
curl -sku admin:f5trn4 https://X.X.X.X/mgmt/tm/ltm/traffic-matching-criteria/~Common~https_vs_VS_TMC_OBJ?ver=14.1.0
{
"kind":"tm:ltm:traffic-matching-criteria:traffic-matching-criteriastate",
"name":"https_vs_VS_TMC_OBJ",
"partition":"Common",
"fullPath":"/Common/https_vs_VS_TMC_OBJ","generation":884,
"selfLink":"https://localhost/mgmt/tm/ltm/traffic-matching-criteria/~Common~https_vs_VS_TMC_OBJ?ver=14.1.0",
******* START IMPORTANT STUFF *******
"destinationAddressInline":"10.10.4.100",
"destinationPortInline":"0",
"destinationPortList":"/Common/my_port_list",
"destinationPortListReference":{
"link":"https://localhost/mgmt/tm/net/port-list/~Common~my_port_list?ver=14.1.0"},
******* END IMPORTANT STUFF *******
"protocol":"any",
"routeDomain":"any",
"sourceAddressInline":"0.0.0.0",
"sourcePortInline":0
}One last thread to follow, and that's the referenced port list:
curl -sku admin:f5trn4 https://X.X.X.X/mgmt/tm/net/port-list/~Common~my_port_list?ver=14.1.0
{
"kind":"tm:net:port-list:port-liststate",
"name":"my_port_list",
"partition":"Common","fullPath":"/Common/my_port_list",
"generation":882,
"selfLink":"https://localhost/mgmt/tm/net/port-list/~Common~my_port_list?ver=14.1.0",
"ports":[{
"name":"443"},{"name":"8443"
}]
}I hope this helps point you in the right direction.
NimbostratusDear Cathy,
You know what? For what it's worth, I declare you are a REST expert now :)
I wasn't expecting the config to be buried so deep and since it was my first day with the product, I reckon `vs_tmc_obj` ring no bell at all (but who am I to judge, right?)
Anyway, thank you very much!