Forum Discussion

3DWine's avatar
3DWine
Icon for Nimbostratus rankNimbostratus
Apr 29, 2020

PBR Transparent Proxy Pool

Hi all

 

Trying to establish the best way to achieve a Transparent proxy pool on an F5 VIP if it is possible.

 

Essentially want webtraffic directed to the F5 to be load balanced to a pool of transparent proxies.

 

Router doing Policy Based routing to send any LAN TRAFFIC 80+443 traffic to a VIP on an F5. This i would require PBR on the F5 as well as the VIP is advertised from a selfIP on the F5.

 

Even with both PBRs in place is this something that is achievable on the F5?

 

what type of VIP would be required for this?

 

----------------------------------------------------------

HOST: 1.1.1.1 [website.com 5.5.5.5:80]

1.1.1.1 >> 1.1.1.2

RTR: 1.1.1.2 [PBR - 1.1.1.1 DST 80 nexthop set 3.3.3.3]

2.2.2.1 >> 2.2.2.2

F5: 2.2.2.2 [PBR - 1.1.1.1 DST 80 nexthop set 3.3.3.3]

2.2.2.2 >> 3.3.3.3

F5: 3.3.3.3 [VIP with Transparent Proxy Pool 4.4.4.0l]

----------------------------------------------------------

 

1 Reply

  • The BigIP lets you create 0.0.0.0:80/0.0.0.0:443 fastl4 listeners that captures all traffic with a destination port of 80/443 that is sent to the floating self-IP (i.e as a gateway) (that does not match a more specific listener).

     

    The listeners then forward the traffic to the pool of proxies (with or without address translation as required).