intelligent load balancing issue

Jahmedj · ‎16-Feb-2022

I have an https client connections on F5 LB. All client traffic uses default https port 443. the VIP should forward the traffic to a different ports in same pool of two server. The idea is request from https://jahmedj.com/abc must go to server1 on port 7901 and https://jahmedj.com/xyz must go to another server on port 7902.

i craeted policy and applied but not working, looking for alternate method to achive this LB.

vaibhav · ‎16-Feb-2022

Check this one

https://community.f5.com/t5/technical-forum/redirect-to-different-pool-based-on-url/td-p/197697

Jahmedj · ‎16-Feb-2022

dear Vaibhav,

I will try and and update you.

Jahmedj · ‎19-Feb-2022

Dear Vaibhav,

No, it didn't work.

All traffic perhaps going to forst pool only.

any other clue

VernonWells · ‎21-Feb-2022

@Jahmedj, following up on my comment below, you can use a Local Traffic Policy. I have a setup where any uri-path equal to /abc or starting with /abc/ goes to a pool using port 8080. Any uri-path equal to /xyz or startin with /xzy/ goes to a pool using port 8081. The node (server) set in each pool is the same. Here are the relevant snippets:

ltm virtual vs-http-01 {
    destination 10.1.10.100:http
    policies {
        pool-steer-by-uri-path { }
    }
    pool pool-8080
    profiles {
        f5-tcp-progressive { }
        http { }
    }
    source-address-translation {
        type automap
    }
    translate-address enabled
    translate-port enabled
    vlans {
        clients
    }
    vlans-enabled
}

ltm pool pool-8080 {
    members {
        server01:webcache {
            address 10.1.20.20
            session monitor-enabled
            state up
        }
    }
    monitor http
}

ltm pool pool-8081 {
    members {
        server01:tproxy {
            address 10.1.20.20
            session monitor-enabled
            state up
        }
    }
    monitor http
}

ltm policy pool-steer-by-uri-path {
    controls { forwarding }
    requires { http }
    rules {
        "uri path abc exact" {
            actions {
                0 {
                    forward
                    select
                    pool pool-8080
                }
            }
            conditions {
                0 {
                    http-uri
                    path
                    values { /abc }
                }
            }
        }
        "uri path abc starts_with" {
            actions {
                0 {
                    forward
                    select
                    pool pool-8080
                }
            }
            conditions {
                0 {
                    http-uri
                    path
                    starts-with
                    values { /abc/ }
                }
            }
            ordinal 1
        }
        "uri path xyz exact" {
            actions {
                0 {
                    forward
                    select
                    pool pool-8081
                }
            }
            conditions {
                0 {
                    http-uri
                    path
                    values { /xyz }
                }
            }
            ordinal 2
        }
        "uri path xyz starts_with" {
            actions {
                0 {
                    forward
                    select
                    pool pool-8081
                }
            }
            conditions {
                0 {
                    http-uri
                    path
                    starts-with
                    values { /xyz/ }
                }
            }
            ordinal 3
        }
    }
    strategy first-match
}

This particular code does not strip the leading part of the URI path. Thus, if one goes to:

http://10.1.10.100/abc/def/file.html

then that is the same path (i.e., /abc/def/file.html) that would be sent to server01 port 8080, rather than, say, /def/file.html. The latter is possible, as well, if desired.

VernonWells · ‎16-Feb-2022

@Jahmedj, the subtlety in the link that @vaibhav provided is that there are two pools. In general, a "node" on a BIG-IP corresponds to a target IP address of a forwarding target. A "pool member" is the combination of a "node" and a layer4 port. A "pool" consists of a collection of zero or more "pool members". The two pools would have members that have the same node IPs, but different ports, as in:

ltm node server01 { address 10.10.1.5 }
ltm node server02 { address 10.10.1.6 }
ltm pool target_7901 {
   members { server01:7901 server02:7901 }
}
ltm pool target_7902 {
   members { server01:7902 server02:7902 }
}

Your Local Traffic Policy would then target the corresponding pool based on the URI path match.

vaibhav · ‎22-Feb-2022

Have a look at this one and let me know what out of this doesnt work for you and we can modify this, I tested this one below and it works. Ignore the wildcard as thats not your case

And what modifications are needed ... i am yet to explore policies equivalent of I-rule but i can try modifying the Irule

ltm rule pool_URI-redirection {
when HTTP_REQUEST {
switch -glob [HTTP::uri] {
"/URI1/v1.0/RMAOrders*" {
pool pool_pool_5101
}
"/URI1/v1.0/miscIssues*" {
pool pool_pool_5085
}
"/URI1/v1.0/miscReceipts*" {
pool pool_pool_5084
}
"/URI1/v1.0/pickReleaseOrdersAck*" {
pool pool_pool_5083
}
"/URI1/v1.0/poReceipt*" {
pool pool_pool_5081
}
"/URI1/v1.0/purchaseOrdersAck*" {
pool pool_pool_5079
}
"/URI1/v1.0/purchaseOrders*" {
pool pool_pool_5078
}

"/URI1/v1.0/RMAReceipts*" {
pool pool_pool_5111
}
"/URI1/v1.0/shipConfirmOrders*" {
pool pool_pool_5076
}
"/URI1/v1.0/subInvTransfers*" {
pool pool_pool_5077
}
"/URI1/v1.0/pickReleaseOrders*" {
pool pool_pool_5082
}
"/anotherURI/Endpoint*" {
pool pool_pool_5115
}
}
}
}

DevCentral

intelligent load balancing issue

Khoros Kudos Award 2022