emamjomeh_26984
Jul 14, 2014

Designing a home lab w/ reverse proxy

I'm an SE at VMware - and I'm trying to build a homelab to demo some of our products. I have Verizon FiOS, with only a single public IP - and the "advanced router" which includes a "DMZ" capability. Basically allows one host to be public facing. My intent is to place a BIG-IP VE as my "public facing" host - and then set up a reverse proxy so I can get to all my different applications.

The idea is to have a single DNS (let's say: mydomain.com), and then have the F5 determine if they're trying to get to View, Workspace, or any other webapp or network app that I may have. I plan on setting up the LTM as a reverse proxy to rewrite URIs - but I'm not completely positive this will work for everything I need. So I have two questions:

1) Client URI - does this HAVE to be "/appname/" or can I have a subdomain (i.e. view.mydomain.com)?

2) Will this work for network protocols (i.e. PCoIP)? I'm pretty confident this will work for webapps, but I'm not sure if it makes a difference if I'm connecting from a software client (View client) to a server (connection server).

Any help will be much appreciated!

3 Replies

  • FYI - I'm using http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-4-0/21.html as my baseline config
  • Hi!

    Welcome to DevCentral! Hope your stay here is enjoyable! :)

    1. Yes, you can do what we call "content based" load balancing with iRules. Essentially this can inspect the client request (POST/GET etc.) for specific headers/URLs/URIs and send client traffic to specific servers (pools) based upon its findings.

      Great post here for you to ogle over...

      https://devcentral.f5.com/questions/irule-to-use-specific-server-based-on-url-uri-request

      This funky iRule below cuts down on the maintenance of the rule, assumes you have a pool named appropriately, and looks at the host header in the request...

      https://devcentral.f5.com/wiki/iRules.Low_maintenance_dynamic_pool_select_based_on_HTTP_host_header.ashx

    2. PCoIP is essentially a UDP-based protocol. I am no expert on PCoIP, but you can certainly have two LTM VSs using the same IP/port combination (if required) if one has a TCP profile and the other a UDP profile. So again, I'm no expert in PCoIP or the VMware View client; if I was to get hands on with the client and the protocol, I would start by looking at the interaction of the client/server at a network level with tcpdump and go from there (not an egg-sucking class, but MHO).

    Please post back with comments etc. and how you get on with this, would be interested all the same.

    Thanks,

    B


    • emamjomeh_26984
      Thanks bboy. With PCoIP it's both TCP and UDP - initial TCP connection for authentication, and then the streaming occurs via UDP. I think your linked method would work just fine - because I'm just forwarding to a pool (doesn't matter if it's a web page, server, etc). Which is what I need. I will definitely update w/ my results as soon as I am able to complete the lab build. I have a sneaking suspicion that my "public" facing IP is really inside a Verizon network and they may be blocking certain ports. I just want to avoid purchasing business class FiOS and/or multiple IPs.
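
As an added example (not code from this thread or from F5), here is one way to write the content-based pool selection from reply 1 as an iRule, covering both the subdomain and the "/appname/" styles asked about in the question. The pool names (`pool_view`, `pool_workspace`) and the hostnames under mydomain.com are assumptions; because the single VE is the only public-facing host, the rule uses a fixed allowlist rather than deriving a pool name from the client-supplied Host header.

```tcl
# Added example. Pool names and hostnames are assumptions; the pools must
# already exist on the BIG-IP and the virtual server needs an HTTP profile.
when HTTP_REQUEST {
    # Normalise the Host header: lower-case it and drop any ":port" suffix.
    set host [string tolower [getfield [HTTP::host] ":" 1]]

    # Explicit hostname -> pool mapping. Anything not listed is refused,
    # so an arbitrary Host value can never steer traffic to an internal pool.
    switch -- $host {
        "view.mydomain.com"      { pool pool_view }
        "workspace.mydomain.com" { pool pool_workspace }
        "mydomain.com" -
        "www.mydomain.com" {
            # Path-based routing on the bare domain (the "/appname/" style).
            switch -glob -- [string tolower [HTTP::path]] {
                "/view/*"      { pool pool_view }
                "/workspace/*" { pool pool_workspace }
                default        { HTTP::respond 404 content "Not found" }
            }
        }
        default {
            # Unknown or missing Host header: log it and drop the connection
            # instead of falling through to a default backend.
            log local0. "rejected unlisted host '$host' from [IP::client_addr]"
            reject
        }
    }
}
```

`HTTP_REQUEST` only fires on a virtual server with an HTTP profile, so this covers the web applications; the PCoIP TCP and UDP traffic would need its own virtual servers, as reply 2 describes.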