We have configured an IPsec tunnel that routes traffic from a third-party company to one of our Big-IP virtual servers (listening on 3306). What we want to do is put a TCP iRule on that VS that then routes traffic to our AWS RDS MySQL instance on 3306. Can someone please help with this?
Thank you for your help!
Can you please post some examples, so that we can make an iRule? Is 'AWS RDS MySQL' a web-based instance?
Currently the tunnel routes to our Big-IP VS (10.180.1.1) on 3306 and we would like to put an iRule redirect on that VS that then sends all traffic to our AWS RDS MySQL instance test.rds.amazonaws.com:3306. test.rds.amazonaws.com:3306 is on our VPC and is only accessible on our internal network.
You can't redirect traffic with TCP like you do with HTTP.
But you can associate a Pool with a Pool Member test.rds.amazonaws.com:3306 to your Performance (Layer 4) VS in order to send SQL traffic to your Amazon destination. Don't forget your routing. Use SNAT if it's necessary.
You can check the following post in order to see more information.
Thank you for the reply. The problem is AWS RDS IPs are dynamic, not static. I need to use DNS to resolve test.rds.amazonaws.com:3306 and send the traffic that way. I was thinking it was possible because I want to send all traffic to test.rds.amazonaws.com:3306. Any ideas?
Since TMOS v11.6.0 you could populate pools by FQDN.
So with this feature when you configure pool members with FQDN, addresses dynamically follow DNS changes. Fully dynamic DNS-managed pools may even be created.
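A sketch of the FQDN-pool setup described in the last reply, as tmsh commands. This is an added example, not part of the original thread. The object names (`rds_mysql_node`, `rds_mysql_pool`, `vs_mysql_3306`), the resolver address and the 30-second interval are assumptions; the FQDN, port and VS address are the ones given in the thread.

```tmsh
# Assumption: 10.180.0.2 is a placeholder for an internal resolver that can
# resolve the RDS endpoint name. The BIG-IP itself does the lookups.
modify sys dns name-servers add { 10.180.0.2 }

# FQDN node: the BIG-IP re-resolves the name every 'interval' seconds.
# autopopulate enabled creates a pool member for each address DNS returns,
# so the pool follows the RDS endpoint when its address changes.
create ltm node rds_mysql_node fqdn { name test.rds.amazonaws.com autopopulate enabled interval 30 }

# Pool with the FQDN node as its member on the MySQL port, with a basic
# TCP health monitor.
create ltm pool rds_mysql_pool members add { rds_mysql_node:3306 } monitor tcp

# Attach the pool to the existing Performance (Layer 4) VS on 10.180.1.1:3306.
# 'vs_mysql_3306' is a hypothetical name for that VS. SNAT automap makes
# return traffic from the VPC come back through the BIG-IP, as the earlier
# reply suggests when routing requires it.
modify ltm virtual vs_mysql_3306 pool rds_mysql_pool source-address-translation { type automap }

# Check which addresses the FQDN currently resolves to and member state.
list ltm node
show ltm pool rds_mysql_pool members

# Persist the running configuration.
save sys config
```

Because the VS forwards raw TCP to the database, the RDS security group should allow 3306 only from the BIG-IP self IP used for SNAT.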