Load Balancing based on Port

Sure, there's a way but it's not in the "IP" namespace. Think of IP as the base class and TCP and UDP are classes derived from IP.

 

 

In the "IP" namespace you can access the addresses

 

 

IP::remote_addr, IP::local_addr, IP::client_addr, IP::server_addr

 

 

And from TCP and UDP you can access the ports with these values

 

 

TCP::remote_port, TCP::local_port, TCP::client_port, TCP::server_port

 

UDP::remote_port, UDP::local_port, UDP::client_port, UDP::server_port

 

 

The "server_port" values are only valid when withing the serverside context (server response). If you want to load balance based on the destinaion port of the service (ie, using a wildcard virtual server), use the "local_port". If you want to load balance based on the client's source port (not sure why you'd want to do this), you could with the "client_port" value.

 

 

Also, if you are using a HTTP profile, you can access the port in the HTTP request with the HTTP::port value.

 

 

This reminds me that I need to get back on finalizing the documentation for my iRules cheat sheet...

 

 

-Joe

I've considered using TCP::client_port for persisting where all my clients hit an SSL VPN device and come out sharing a single IP address.

That's probably not a good idea. Session persistence means that separate connections that are part of the same session will be directed to the same back-end server. The problem with the client port is that it generally changes for each client connection. The best way to support session persistence is to use something in the higher-level protocol, like an HTTP cookie. For SSL, one can use the SSL session id for persistence. However, there are problems with tracking the session id across renegotiations.