cancel
Showing results for 
Search instead for 
Did you mean: 

intelligent load balancing issue

Jahmedj
Nimbostratus
Nimbostratus

I have an https client connections on F5 LB. All client traffic uses default https port 443. the VIP should forward the traffic to a different ports in same pool of two server. The idea is request from https://jahmedj.com/abc must go to server1 on port 7901 and https://jahmedj.com/xyz must go to another server on port 7902. 

i craeted policy and applied but not working, looking for alternate method to achive this LB.

6 REPLIES 6

vaibhav
Nimbostratus
Nimbostratus

dear Vaibhav,

I will try and and update you.

Dear Vaibhav,

No, it didn't work.

All traffic perhaps going to forst pool only.

any other clue 

@Jahmedj, following up on my comment below, you can use a Local Traffic Policy.  I have a setup where any uri-path equal to /abc or starting with /abc/ goes to a pool using port 8080.  Any uri-path equal to /xyz or startin with /xzy/ goes to a pool using port 8081.  The node (server) set in each pool is the same.  Here are the relevant snippets:

ltm virtual vs-http-01 {
    destination 10.1.10.100:http
    policies {
        pool-steer-by-uri-path { }
    }
    pool pool-8080
    profiles {
        f5-tcp-progressive { }
        http { }
    }
    source-address-translation {
        type automap
    }
    translate-address enabled
    translate-port enabled
    vlans {
        clients
    }
    vlans-enabled
}

ltm pool pool-8080 {
    members {
        server01:webcache {
            address 10.1.20.20
            session monitor-enabled
            state up
        }
    }
    monitor http
}

ltm pool pool-8081 {
    members {
        server01:tproxy {
            address 10.1.20.20
            session monitor-enabled
            state up
        }
    }
    monitor http
}

ltm policy pool-steer-by-uri-path {
    controls { forwarding }
    requires { http }
    rules {
        "uri path abc exact" {
            actions {
                0 {
                    forward
                    select
                    pool pool-8080
                }
            }
            conditions {
                0 {
                    http-uri
                    path
                    values { /abc }
                }
            }
        }
        "uri path abc starts_with" {
            actions {
                0 {
                    forward
                    select
                    pool pool-8080
                }
            }
            conditions {
                0 {
                    http-uri
                    path
                    starts-with
                    values { /abc/ }
                }
            }
            ordinal 1
        }
        "uri path xyz exact" {
            actions {
                0 {
                    forward
                    select
                    pool pool-8081
                }
            }
            conditions {
                0 {
                    http-uri
                    path
                    values { /xyz }
                }
            }
            ordinal 2
        }
        "uri path xyz starts_with" {
            actions {
                0 {
                    forward
                    select
                    pool pool-8081
                }
            }
            conditions {
                0 {
                    http-uri
                    path
                    starts-with
                    values { /xyz/ }
                }
            }
            ordinal 3
        }
    }
    strategy first-match
}

This particular code does not strip the leading part of the URI path.  Thus, if one goes to:

http://10.1.10.100/abc/def/file.html

then that is the same path (i.e., /abc/def/file.html) that would be sent to server01 port 8080, rather than, say, /def/file.html.  The latter is possible, as well, if desired.

VernonWells
F5 Employee
F5 Employee

@Jahmedj, the subtlety in the link that @vaibhav provided is that there are two pools.  In general, a "node" on a BIG-IP corresponds to a target IP address of a forwarding target.  A "pool member" is the combination of a "node" and a layer4 port.  A "pool" consists of a collection of zero or more "pool members".  The two pools would have members that have the same node IPs, but different ports, as in:

 

ltm node server01 { address 10.10.1.5 }
ltm node server02 { address 10.10.1.6 }
ltm pool target_7901 {
   members { server01:7901 server02:7901 }
}
ltm pool target_7902 {
   members { server01:7902 server02:7902 }
}

 

Your Local Traffic Policy would then target the corresponding pool based on the URI path match.

vaibhav
Nimbostratus
Nimbostratus

Have a look at this one and let me know what out of this doesnt work for you and we can modify this,  I tested this one below and it works. Ignore the wildcard as thats not your case

And what modifications are needed ... i am yet to explore policies equivalent of I-rule but i can try modifying the Irule

ltm rule pool_URI-redirection {
when HTTP_REQUEST {
switch -glob [HTTP::uri] {
"/URI1/v1.0/RMAOrders*" {
pool pool_pool_5101
}
"/URI1/v1.0/miscIssues*" {
pool pool_pool_5085
}
"/URI1/v1.0/miscReceipts*" {
pool pool_pool_5084
}
"/URI1/v1.0/pickReleaseOrdersAck*" {
pool pool_pool_5083
}
"/URI1/v1.0/poReceipt*" {
pool pool_pool_5081
}
"/URI1/v1.0/purchaseOrdersAck*" {
pool pool_pool_5079
}
"/URI1/v1.0/purchaseOrders*" {
pool pool_pool_5078
}

"/URI1/v1.0/RMAReceipts*" {
pool pool_pool_5111
}
"/URI1/v1.0/shipConfirmOrders*" {
pool pool_pool_5076
}
"/URI1/v1.0/subInvTransfers*" {
pool pool_pool_5077
}
"/URI1/v1.0/pickReleaseOrders*" {
pool pool_pool_5082
}
"/anotherURI/Endpoint*" {
pool pool_pool_5115
}
}
}
}