Forum Discussion

callerys_137261's avatar
callerys_137261
Icon for Nimbostratus rankNimbostratus
Mar 13, 2017

insert sni based on node balanced to

Want to be able to insert SNI based on the node it is load balanced to. The nodes in the pool each have their own SNI/cert that is unique to them.

 

I have seen several articles about doing something similar but with using the inbound SNI not exactly like this.

 

2 Replies

  • Hi Callerys,

     

    I have one more question. Why you need to enable SNI for each node?

     

  • Hi ,

     

    you can use my SNI injection iRule as a starting point. The iRule is able to inject a freetext SNI record into the Server_SSL negotiation.

     

    https://devcentral.f5.com/codeshare/serverside-sni-injection-irule-968

     

    Note: The best way to integrate my iRule into your solution would be to create an Array to precompute the Node-IPs to SNI record resolution during RULE_INIT event, and then use the SERVERSSL_CLIENTHELLO_SEND event to lookup and insert the SNI record based on the currently selected Node-IP.

     

    Cheers, Kai