Forum Discussion

Racquel_Mays's avatar
Racquel_Mays
Icon for Employee rankEmployee
Feb 09, 2021
Solved

Use LTM Policies to Create a VIP listening on Specific Ports

All, we are moving from A10 to F5 LTM. With A10 we have 1 VIP, and up to 4 "service-groups" or pools serving 4 specific ports. My goal is to provide a similar functionality in the LTM using Local Tra...
  • JRahm's avatar
    Feb 10, 2021

    #facepalm...notice the hidden option on the tcp port:

    mine was remote by default, changing to local fixed the issue. Working policy that should help:

    ltm policy allports_testpolicy {
        controls { forwarding }
        last-modified 2021-02-10:16:42:35
        requires { tcp }
        rules {
            tcp-80 {
                actions {
                    0 {
                        forward
                        client-accepted
                        select
                        pool nerdlife_pool
                    }
                }
                conditions {
                    0 {
                        tcp
                        client-accepted
                        port
                        local
                        values { 80 }
                    }
                }
            }
            tcp-8080 {
                actions {
                    0 {
                        forward
                        client-accepted
                        select
                        pool nerdlife_pool
                    }
                }
                conditions {
                    0 {
                        tcp
                        client-accepted
                        port
                        local
                        values { 8080 }
                    }
                }
                ordinal 1
            }
            tcp-all-else {
                actions {
                    0 {
                        shutdown
                        client-accepted
                        connection
                    }
                }
                conditions {
                    0 {
                        tcp
                        client-accepted
                        port
                        local
                        not
                        values { 80 8080 }
                    }
                }
                ordinal 2
            }
        }
        status published
        strategy first-match
    }