cancel
Showing results for 
Search instead for 
Did you mean: 

internet traffic egress load balancing for https

Chen_Jiang
Nimbostratus
Nimbostratus

Hi! Experts

 

We want to do internet traffic egress load balancing for https, depends on different URLs. because https traffic in encrypted, we plan to use irules read SNI field in https header and select a egress link. Is this method doable? or do you have any experience on this and could shed some light?

 

Thanks for your great help.

1 REPLY 1

Simon_Blakely
F5 Employee
F5 Employee

F5 has an entire product for this sort of SSL examination and routing - SSL Orchestrator

 

Trying to do this in an irule is complex and difficult, because you need to delay the server-side binding until the ClientHello has been sent and examined, and then pass the ClientHello through.

 

There are some irules that examine SNI headers to make decisions - have a search.

But you may find it easier to consider a ready-made and complete product that does what you require, and more.