Forum Discussion

KAR_177013's avatar
KAR_177013
Icon for Nimbostratus rankNimbostratus
Sep 29, 2015

Best possible way to avoid creating large number of pools and virtual servers

Hi Guys,

 

We have a request where set of real servers listen on range of ports 4000-4200 (different port for different application).Users will be hitting the virtual server on the same port as real servers.What is the best way to create configurations for the requirement?Is there an irule that can be written using which we can avoid creating large number of pools and virtual servers?

 

2 Replies

  • You could create a VS with a wildcard port (

    *
    ) so all traffic to that IP will hit that VS, and within an iRule you could handle which ports you wanted to route traffic to (using things like datagroups to easily map port to a node, the TCP::local_port command, the node command, and selecting specific nodes as described here).

    If you wanted to stay away from iRules, you could probably set up a Local Traffic Policy to handle it as well, but I don't think that'd be as good a choice as using a generic iRule that checks port against a datagroup and then specifies the node (and drops or rejects requests to any non-allowed port).

    That would limit you VS to 1 and you pools to 0 (unless you want load balancing, at which point you'd need to use the pool command instead of the node command).

    Hope this helps.

  • Hi Kar,

     

    the most important question for me would be, if all your different pool instances require a dedicated monitor. Means if one port is down, does this mean that all other ports on this server are also down or is each port using a dedicated process?

     

    If all ports can use the same monitor then it's pretty easy. Just create a wildcard VS as mentioned from Michael and also just one wildcard pool. When using "* All Ports" for the VS the "Port Translation" option will automatically be disabled. On top of the VS just assign a basic iRule, which checks the destination port and only allows those, which are mention in a DGL. This works fine and we have such scenario already in use.

     

    Ciao Stefan :)