reversed port check (tcp)
Hi, In F5 (v12) we can create a tcp check. So I created one. Very simple. It is attached this this pool/poolmember I can reach the member and the checkport (8000) from the cli of the F5 Now on this page: https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-monitors-reference-11-5-0/3.html I read (in TCP settings table) "Note: If you do not specify both a Send String and a Receive String, the monitor performs a simple service check and connect only." and "Note: If you choose to set the Reverse setting to Yes, the Receive Disable String option becomes unavailable and the monitor marks the pool, pool member, or node Down when the test is successful." So when I read that, and with the way I set things up, and the fact I can nicely connect when port 8000 is available, I expect the poolmember to be disabled whenever the connection to port 8000 on it's IP can me made and to be enabled whenever the connection can NOT be made. However, the only state this check ever causes is ' disabled'. What is going wrong here?
Port oversuscription in BIG-IP models
Is there any kind of port oversuscription as there is in othe manufaturers as in Cisco? I can't find anything about it, I can't find how to connect the different phisical ports to your bussiness switches to avoid oversuscription and avoid to saturate the backplane, ASIC or anything that share bandwidth, memory, or CPU.... Is there any "conectivity best practice" by model? Or documentatión about how the physical ports are distributed internally by ASICs? Thank you
Based on URI path redirect to different port
Hi, I'm kinda new to F5 and the LTM module so I'm trying to wrap my head around iRules and policies. I've got a task I can't seem to solve however easy it might be. I tried searching the existing topics but without luck. A webserver with two nodes is listening on port 80 and 443. When http is accessed the F5 should redirect the connection to https. I can do this with the inbuilt irule. The pools behind the HTTPS virtual server are listening on 8443 so the connection is like this: https:// xy.com/ goes to POOL_SOMETHING:8443. And here comes the twist. When the URL contains this path: /auth then instead of 8443 the connection should be redirected to 9443. Like this: https:// xy.com/auth goes to POOL_SOMETHING:9443 What I thought would be a good solution is to create two pools. POOL_SOMETHING:8443 and POOL_SOMETHING:9443. Then, I would create an LTM policy where the following conditions would be enabled: HTTP URI path is any of /auth THEN Forward traffic to pool POOL_SOMETHING:9443 Is this a reasonable solution? If not, can you please suggest something? Thanks in advance!
fixating ports between client and server
hi.. we have a java APPLICATION behind an F5, which uses tcp sockets to communicate with devices beyond F5, the trouble is that we noticed that while our application uses port 12092 to send messages to a device, wireshark shows that the src port is changed in the packet to another port, so while the device is able to recieve the message, it won't use the src port written in the packet, but would always respond the a fixed port it has (i.e 12092), however since F5 change the port it won't listen to that port and has sent back an error to the device. my questions is this, how do i make sure that F5 relays tcp requests on the same port it got them. i already checked i've already checked that "port translation" is disabled and "source port" is preserve
