dell
71 TopicsLoad-Balancing Client/Server on same subnet
Hi all, I’m working on a customer's issue where the VIP, pool members and clients are all on the same subnet (lets say 10.1.1.0/24) and no SNAT on the VIP. I'm seeing an issue related to ARP that only affects one of the 6 servers. All servers are Dell. Client – 10.1.1.12 VIP – 10.1.1.4:25 Member Servers 1-6 – 10.1.1.5-19:25 I would expect the flow to go from Client to VIP to Member Server directly back to the client and break communications, but 5 out of 6 servers actually go right back through the F5 and work fine. If you look at the ARP cache on these boxes, it only has one or two entries pointing to the F5 - none for the client (10.1.1.12). The server that does not work does have an ARP entry for the client IP and the return traffic goes directly back to the client. No static ARP setup on the working servers as far as I can tell. Nothing in the F5 configs about mac spoofing/masquerading. Creating a static arp entry for the client IP to point to the F5 mac on the server that's not working fixes this server. I'm a little confused on any of the servers are working at all. Any insight into how this is supposed to work without SNAT would be extremely helpful. Thanks in advance! Chintan899Views0likes7CommentsHelp with custom LB method
Hi F5 peers, Need some help on how to approach a requirement from our DB team. Customized LB which distributes traffic to pool_member 1 and pool-member2. If and when pool_member2 is unavailable traffic should go to pool_member1. But if pool_member1 is unavailable it SHOULD NOT go to pool_member2. Thanks in advance!!682Views0likes12CommentsBlock traffic to node during specific time period
Hello all. I have a situation where we need to recycle our AppPools for two servers, that are in the same LTM Pool, during two different times, so I need to create an irule that will block traffic to each specific node for a time period of about 30 minutes. So for example Web1's AppPool will recycle at 2am and Web2's AppPool will recycle at 3am. I need to be able to keep traffic from getting to those servers during that specific time period, and both Web Servers. I've seen a few examples on setting up maintenance windows based on time, but didn't notice anything that addressed stopping traffic to just one node within specific pool. Any suggestion or if anyone can point me in the right direction I'd appreciate it. Just a side note, we can't set a different time within IIS for the AppPool recycles because the AppPools settings are being replicated and the replication software doesn't allow that granularity of changing those settings. Plus I want to make sure I'm reducing the load on the server that the AppPool is being recycled on during that period. I'm running 10.2.4 with HF5 on LTM 3400 Thanks, Bob605Views0likes7CommentsURL Forwarding and Masking
Our current requirement is that if a user clicks on external link from our website - the URL should not be changed and the content should be loaded from an external link. Following are the use cases to understand more about this [1] User is logged in to our website https://example-test.com [2] User clicked on external link https://external-link-website.com [3] User should not see that URL is changed to but instead it should show as https://example-test.com and content should be loaded from https://external-link-website.com Can you please provide us an iRule or suggestions to achieve this requirement for us? Thanks Srikanth546Views0likes3CommentsHTTP to HTTPS with sharepoint 2013
Recently built up a sharepoint 2013 server and put it behind F5 using SSL offloading. Certain content is show up as "mixed" content and that wont be good for our end users. So I am looking to do a Irule to change any outbound link from HTTP to HTTPS can someone write that up for me? Or should I try to use Stream? would that be more efficient?536Views0likes6CommentsNo iConnnectPlus Client can be found
I install the Client, but the browser can't find it. log: OS Name: Windows 7 Enterprise Version: 6.1 Build: 7601 Type: Multiprocessor Free Primary UI language: 0x9 Short Name: Win764 Service Pack: Service Pack 1 WOW64 HOTFIXES: SP1; InternetExplorer version: 9.0.8112.16421 InternetExplorer build: 98112 HOTFIXES: 0 2015-03-13, 8:00:45:226, 4164,5468,DIALER, 2, \URDialer.cpp, 1149, CURDialer::InternalDisconnect, Invalid RAS connection handle 2015-03-13, 8:00:45:226, 4164,5468,DIALER, 2,,,, CURDialer::OnDisconnected: Enter 2015-03-13, 8:00:45:226, 4164,5468,DIALER, 2,,,, UIpForwardTable::SaveIpForwardTable: Table - NULL 2015-03-13, 8:00:45:226, 4164,5468,DIALER, 1, \UIpForwardTable.cpp, 717, UIpForwardTable::RestoreRouteTable, Failed to properly restore routing table. Possibly rotuing table is corrupted. Restart the system 2015-03-13, 8:00:45:226, 4164,6028,DIALER, 2,,,, CURDialer::ThreadProc:RegOpenKey(Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections) 0 2015-03-13, 8:00:45:226, 4164,5468,DIALER, 2,,,, CURDialer::OnDisconnected: Leave 2015-03-13, 8:00:45:241, 4164,5468,DIALER, 2, \URDialer.cpp, 1149, CURDialer::InternalDisconnect, Invalid RAS connection handle 2015-03-13, 8:00:45:241, 4164,5468,DIALER, 2,,,, CURDialer::OnDisconnected: Enter 2015-03-13, 8:00:45:241, 4164,5468,DIALER, 2,,,, UIpForwardTable::SaveIpForwardTable: Table - NULL 2015-03-13, 8:00:45:241, 4164,5468,DIALER, 1, \UIpForwardTable.cpp, 717, UIpForwardTable::RestoreRouteTable, Failed to properly restore routing table. Possibly rotuing table is corrupted. Restart the system 2015-03-13, 8:00:45:241, 4164,5300,DIALER, 2,,,, CURDialer::ThreadProc:RegOpenKey(Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections) 0 2015-03-13, 8:00:45:241, 4164,5468,DIALER, 2,,,, CURDialer::OnDisconnected: Leave 2015-03-13, 8:00:45:241, 4164,5468,DIALER, 2, \URDialer.cpp, 1149, CURDialer::InternalDisconnect, Invalid RAS connection handle 2015-03-13, 8:00:45:241, 4164,5468,DIALER, 2,,,, CURDialer::OnDisconnected: Enter 2015-03-13, 8:00:45:241, 4164,5468,DIALER, 2,,,, UIpForwardTable::SaveIpForwardTable: Table - NULL 2015-03-13, 8:00:45:257, 4164,5468,DIALER, 1, \UIpForwardTable.cpp, 717, UIpForwardTable::RestoreRouteTable, Failed to properly restore routing table. Possibly rotuing table is corrupted. Restart the system 2015-03-13, 8:00:45:257, 4164,404,DIALER, 2,,,, CURDialer::ThreadProc:RegOpenKey(Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections) 0 2015-03-13, 8:00:45:257, 4164,5468,DIALER, 2,,,, CURDialer::OnDisconnected: Leave 2015-03-13, 8:00:45:257, 4164,5468,DIALER, 2,,,, UIpForwardTable::SaveIpForwardTable: Table - NULL 2015-03-13, 8:00:45:257, 4164,5468,DIALER, 1, \UIpForwardTable.cpp, 717, UIpForwardTable::RestoreRouteTable, Failed to properly restore routing table. Possibly rotuing table is corrupted. Restart the system 2015-03-13, 8:00:45:257, 4164,3304,DIALER, 2,,,, CURDialer::ThreadProc:RegOpenKey(Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections) 0 2015-03-13, 8:07:55:026, 4352,5940,SUPERHOST, 1, \SuperHostIfs.cpp, 43, CURSuperHost::CheckInstance, CreateClientRpcHandle returned NULL 2015-03-13, 8:07:55:892, 4352,5940,SUPERHOST, 0,,,, Request to install/update Host Control 2015-03-13, 8:07:55:898, 4352,4748,SUPERHOST, 2, \urSmartUpdateEx.cpp, 519, USmartUpdateEx::RunObjectProc(), need not install/update control, {E0FF21FA-B857-45C5-8621-F120A0C17FF2}, https://iconnectbp.cathaypacific.com/vdesk/terminal/urxhost.cabversion=7000,2013,426,1913 2015-03-13, 8:07:55:987, 4352,5940,HOST, 0,,,, Request to install/update SSL Tunnel 2015-03-13, 8:07:55:991, 4352,1980,HOST, 2, \urSmartUpdateEx.cpp, 519, USmartUpdateEx::RunObjectProc(), need not install/update control, {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10}, https://iconnectbp.cathaypacific.com/vdesk/terminal/f5tunsrv.cabversion=7000,2013,426,1901 2015-03-13, 8:07:55:997, 4352,1980,HOST, 0,,,, Request to install/update VPN Manager 2015-03-13, 8:07:56:001, 4352,5184,HOST, 2, \urSmartUpdateEx.cpp, 519, USmartUpdateEx::RunObjectProc(), need not install/update control, {2BCDB465-81F9-41CB-832C-8037A4064446}, https://iconnectbp.cathaypacific.com/vdesk/terminal/urxvpn.cabversion=7000,2013,426,1906 2015-03-13, 8:07:56:016, 4352,5656,HOST, 1,,,, UFilterService::Init:Run-time exception.Exception code=0x6ba 2015-03-13, 8:07:56:018, 4352,5656,HOST, 1,,,, UFilterService::Init:Failure connecting to service. Status=0x6ba 2015-03-13, 8:07:56:019, 4352,5656,HOST, 2, \patchhost.cpp, 145, CHostCtrl::PatchHosts, Patching host file failed 2015-03-13, 8:07:59:738, 4352,2632,DIALER, 2,,,, CDialer::OnConnect:Processes policy processed 2015-03-13, 8:07:59:739, 4352,2632,DIALER, 1, \URDialer.cpp, 6290, CURDialer::VerifySinglePolicy, Security policy prevents running SSL VPN on this PC 2015-03-13, 8:07:59:943, 4352,2632,DIALER, 2,,,, CDialer:LogVPNPolicyResult:logged 2015-03-13, 8:07:59:946, 4352,2632,DIALER, 2,,,, CDialer::OnConnect:Registry policy processed 2015-03-13, 8:07:59:947, 4352,2632,DIALER, 2,,,, CDialer::VerifyPolicy:policy result = 0 2015-03-13, 8:07:59:948, 4352,2632,DIALER, 1, \URDialer.cpp, 1292, CURDialer::VerifyPolicyThreadProc, Failed to verify policy (No iConnnectPlus Client can be found in your computer, please download the client at office. )528Views0likes0CommentsiRule Error related with Data Group
We need to block some User-Agent, so I created a Data Group that called UnwantedAgents, and an iRules called ir_BlockAgents when HTTP_REQUEST { if { [class match [string tolower [HTTP::header "User-Agent"]] contains UnwantedAgents ] } { log local0. "Blocked src=[IP::client_addr] src_port=[TCP::client_port],agent= HTTP::header value User-Agent]" reject } } After I applied this iRule ir_BlockAgents. I saw this error in the log (/var/log/ltm) Feb 21 12:26:51 jcbigip1 err mcpd[5407]: 01020066:3: The requested rule (/Common/ir_BlockAgents) already exists in partition Common. How can I fix it? Thanks, Xin520Views0likes11CommentsDell World 2011
Dell World 2011 - Unlocking Innovation in the Virtual Era The Dell F5 Team is happy to announce F5's participation as a bronze partner at Dell World 2011, October 12 -14 in Austin, Texas. Links have been posted within this discussion thread to information and content covering Dell and F5 Networks technologies. See other posts in this discussion forum for more information including four short podcasts explaining Dell and F5 solutions. Dell Power Solutions Magazine, 2011 Issue 4 Click on the link to read this *NEW* Dell Power Solutions magazine article entitled: Enhancing application delivery with nimble networking platforms Click here for more information on Dell World 2011 For inqueries contact510Views0likes2CommentsDeploying Dell's DX Object Storage? Then check this out...
We are really excited about this new Dell | F5 joint solution that uses a simple iRules script to integrate BIG-IP and DX. This product combination greatly increases deployment flexibility for Dell's object storage platform and enables many of the ADC benefits that BIG-IP brings to the table. If object storage is new to you then check out Dell's Enterprise TechCenter web site (see link below) where you will find helpful reference materials, proof-of-concept lab diagrams, test results, the essential iRule and step-by-step BIG-IP deployment guidance. http://www.delltechcenter.com/page/...+Platform/ And be on the look out for an article in the March 2011 issue of Dell Power Solutions Magazine. Use the "Add Reply" button to make a comment or ask a question. We look forward to the discussion. __________________________________________________________________ Fred Johnson Strategic Partner Engineer F5 Networks fred.johnson@f5.com www.twitter.com/dellf5team502Views0likes4CommentsSetting up internal and external SSL for server that MUST see internal SSL for APP to work
I have setup a VIP that has an SSL redirect on the outside of the F5, and then used a self signed SSL on the inside so the server will be accessed via port 443.. We are using version 11.2.1. The problem is, when you hit the external VIP the browser sits and spins until you either stop it or put the cursor to the right of the address and hit enter again and the application will respond with no problems.... This has been tried on several systems from different locations and it is always the same response as described above.... any ideas?499Views0likes13Comments