Forum Discussion

Ricardo_Raza_14
Feb 18, 2019

Configure load balance for web application and mobile application

Hi, I have a client whose web application and mobile application run on the same server and the same port, using the same certificate.

 

backend web server: 172.x.x.10: 443 mobile application: 172.x.x.10: 443 vs: 10.x.x.10

 

When I use tcp_lan_optimized as the TCP client profile, the web application works fine but the mobile application does not work; if I change the profile to tcp_mobile_optimized, the mobile application works fine but the web application does not.

 

What do I need to consider, or which changes do I need to make, to solve the problem?

 

Regards

 

8 Replies

  • Are you using the same virtual server for both the web and mobile applications? Is it possible to create separate services (different ports) on the backend servers for the mobile and web applications?

     

  • Are you using the same virtual server for both the web and mobile applications? Is it possible to create separate services (different ports) on the backend servers for the mobile and web applications?

     

  • Hi, the client said that it is not possible to change anything in their configuration.

    The configuration of vs is

    # Virtual server listening on 10.x.x.10:443 in front of pool_xxxx_produccion.
    # As posted, the object carries the `disabled` flag; a disabled virtual
    # server does not process traffic, so confirm it was enabled during each test.
    # A client-ssl profile (clientside) and a server-ssl profile (serverside) are
    # both attached, so TLS is terminated here and re-established to the pool,
    # with the http profile in between.
    # The tcp profile is attached without a `context`, i.e. this listing does not
    # limit it to the client or the server side; presumably it governs both
    # sides of the connection - confirm.
    # `source 0.0.0.0/0` places no source-address restriction on the listener.
    # SNAT automap: pool members presumably see a BIG-IP address instead of the
    # real client address. The http profile attached here has
    # insert-xforwarded-for disabled, so back-end logs may not carry the client
    # IP - worth confirming for audit and incident-response purposes.
    ltm virtual /Common/vs_prod_xxx {
    destination /Common/10.x.x.10:443
    disabled
    ip-protocol tcp
    mask 255.255.255.255
    pool /Common/pool_xxxx_produccion
    profiles {
        /Common/cliente_ssl_xxx_prod {
            context clientside
        }
        /Common/http_xxx { }
        /Common/server_ssl_xxx_prod {
            context serverside
        }
        /Common/tcp-lan-optimized-xxx { }
    }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    translate-address enabled
    translate-port enabled
    

    }

    ________________________________________________________________________________ Pools ________________________________________________________________________________
    # Pool of eight nodes (172.x.x.5 through 172.x.x.12).
    # NOTE(review): the virtual server references pool_xxxx_produccion while this
    # stanza is named pool_xxx_produccion; presumably a redaction slip - confirm.
    # Every member is defined with service port 0 (`:0`), which presumably means
    # "any port", leaving the destination port to the virtual server - confirm.
    # The only health check is gateway_icmp, which by its name tests ICMP
    # reachability of the host. Nothing in this stanza checks that the HTTPS
    # service on 443 actually answers, so a member whose web service is down
    # would presumably still be marked up - an HTTPS-level monitor is worth
    # considering.
    ltm pool /Common/pool_xxx_produccion {
    members {
        /Common/nodo_xxx_prod10:0 {
            address 172.x.x.10
        }
        /Common/nodo_xxx_prod11:0 {
            address 172.x.x.11
        }
        /Common/nodo_xxx_prod12:0 {
            address 172.x.x.12
        }
        /Common/nodo_xxx_prod5:0 {
            address 172.x.x.5
        }
        /Common/nodo_x.x_prod6:0 {
            address 172.x.x.6
        }
        /Common/nodo_xxx_prod7:0 {
            address 172.x.x.7
        }
        /Common/nodo_xxx_prod8:0 {
            address 172.x.x.8
        }
        /Common/nodo_xxx_prod9:0 {
            address 172.x.x.9
        }
    }
    monitor /Common/gateway_icmp 
    

    }

    ________________________________________________________________________________ Profiles ________________________________________________________________________________
    # Client-side TLS profile: what browsers and the mobile app negotiate against.
    # Inherits from /Common/clientssl and presents xxx_prod.crt with xxx_prod.key.
    # `ciphers DEFAULT` with `cipher-group none`: the accepted protocol versions
    # and cipher suites are whatever DEFAULT expands to on the running software
    # version. The only entry in `options` is dont-insert-empty-fragments, so no
    # protocol version is switched off in this stanza - review the effective list.
    # `chain none`: no intermediate chain is configured in this profile.
    # NOTE(review): clients that do not already hold the intermediates may fail
    # certificate validation - confirm whether this certificate needs a chain.
    # Renegotiation is enabled with secure-renegotiation `require`, and
    # max-renegotiations-per-minute is 5 (presumably per connection - confirm).
    # `passphrase none`: the private key is referenced without a passphrase.
    # ocsp-stapling and session-ticket are disabled; sni-default and sni-require
    # are false and server-name is none.
    ltm profile client-ssl /Common/cliente_ssl_xxx_prod {
    alert-timeout indefinite
    allow-dynamic-record-sizing disabled
    allow-non-ssl disabled
    app-service none
    cache-size 262144
    cache-timeout 3600
    cert /Common/xxx_prod.crt
    cert-key-chain {
        xxx_prod {
            cert /Common/xxx_prod.crt
            key /Common/xxx_prod.key
        }
    }
    chain none
    cipher-group none
    ciphers DEFAULT
    defaults-from /Common/clientssl
    generic-alert enabled
    handshake-timeout 10
    inherit-certkeychain false
    key /Common/xxx_prod.key
    max-active-handshakes indefinite
    max-aggregate-renegotiation-per-minute indefinite
    max-renegotiations-per-minute 5
    maximum-record-size 16384
    mod-ssl-methods disabled
    mode enabled
    notify-cert-status-to-virtual-server disabled
    ocsp-stapling disabled
    options { dont-insert-empty-fragments }
    passphrase none
    peer-no-renegotiate-timeout 10
    proxy-ssl disabled
    proxy-ssl-passthrough disabled
    renegotiate-max-record-delay indefinite
    renegotiate-period indefinite
    renegotiate-size indefinite
    renegotiation enabled
    secure-renegotiation require
    server-name none
    session-mirroring disabled
    session-ticket disabled
    session-ticket-timeout 0
    sni-default false
    sni-require false
    ssl-sign-hash any
    strict-resume disabled
    unclean-shutdown enabled
    

    }

    # HTTP profile in reverse-proxy mode (`proxy-type reverse`), inheriting from
    # /Common/http.
    # accept-xff and insert-xforwarded-for are both disabled: this profile adds
    # no X-Forwarded-For header and presumably does not trust an incoming one.
    # The virtual server in this post uses SNAT automap, so pool members may have
    # no record of the original client address - confirm where client IPs are
    # logged.
    # `server-agent-name BigIP` presumably sets the Server header on responses
    # the BIG-IP generates itself, which discloses the product - confirm, and
    # consider a neutral value.
    # enforcement: max-header-count 128, max-header-size 327680 and max-requests 0
    # (presumably no per-connection request limit) - confirm these limits are
    # intentional rather than left over from troubleshooting.
    # `encrypt-cookies none`: this profile encrypts no cookies.
    ltm profile http /Common/http_xxx {
    accept-xff disabled
    app-service none
    basic-auth-realm none
    defaults-from /Common/http
    encrypt-cookies none
    enforcement {
        max-header-count 128
        max-header-size 327680
        max-requests 0
    }
    header-erase none
    header-insert none
    insert-xforwarded-for disabled
    lws-separator none
    lws-width 80
    oneconnect-transformations enabled
    proxy-type reverse
    redirect-rewrite none
    request-chunking preserve
    response-chunking selective
    response-headers-permitted none
    server-agent-name BigIP
    sflow {
        poll-interval-global no
        sampling-rate-global no
    }
    via-request preserve
    via-response preserve
    xff-alternative-names none
    

    }

    # Server-side TLS profile for the re-encrypted leg towards the pool members.
    # Inherits from /Common/serverssl; `ciphers DEFAULT`, `cipher-group none`.
    # cert/key point at the same xxx_prod.crt / xxx_prod.key as the client-ssl
    # profile. NOTE(review): on a server-ssl profile these presumably act as the
    # client certificate offered to the back end; confirm it is required, since
    # it reuses the public-facing key pair.
    # No peer-cert-mode, ca-file or authenticate-name line appears in this
    # listing, so whether the back-end certificate is verified cannot be told
    # from here - confirm.
    # `server-name none`: no SNI name is configured for the server-side handshake.
    # Renegotiation is enabled with secure-renegotiation `require-strict`;
    # session-ticket is disabled.
    ltm profile server-ssl /Common/server_ssl_xxx_prod {
    alert-timeout indefinite
    app-service none
    bypass-on-client-cert-fail disabled
    bypass-on-handshake-alert disabled
    cache-size 262144
    cache-timeout 3600
    cert /Common/xxx_prod.crt
    chain none
    cipher-group none
    ciphers DEFAULT
    defaults-from /Common/serverssl
    generic-alert enabled
    handshake-timeout 10
    key /Common/xxx_prod.key
    max-active-handshakes indefinite
    mod-ssl-methods disabled
    mode enabled
    options { dont-insert-empty-fragments }
    proxy-ssl disabled
    proxy-ssl-passthrough disabled
    renegotiate-period indefinite
    renegotiate-size indefinite
    renegotiation enabled
    secure-renegotiation require-strict
    server-name none
    session-mirroring disabled
    session-ticket disabled
    sni-default false
    sni-require false
    ssl-forward-proxy disabled
    ssl-forward-proxy-bypass disabled
    ssl-sign-hash any
    strict-resume disabled
    unclean-shutdown enabled
    

    }

    # Custom TCP profile derived from /Common/tcp-lan-optimized. Only the settings
    # printed here are visible; anything else comes from the parent profile and
    # is not shown in the post, so the differences from a mobile-optimized
    # profile cannot be read from this listing alone.
    # idle-timeout is 300 while keep-alive-interval is 1800 (both presumably in
    # seconds - confirm), so a keep-alive would not be sent before an idle
    # connection reaches the idle timeout.
    # `reset-on-timeout disabled`: presumably timed-out connections are removed
    # without a RST being sent, which can leave a client holding a stale
    # connection - confirm.
    # minimum-rto 1000, time-wait-timeout 5000 and zero-window-timeout 50000 are
    # presumably in milliseconds - confirm.
    ltm profile tcp /Common/tcp-lan-optimized-xxx {
    app-service none
    close-wait-timeout 30
    defaults-from /Common/tcp-lan-optimized
    fin-wait-2-timeout 300
    fin-wait-timeout 30
    idle-timeout 300
    keep-alive-interval 1800
    minimum-rto 1000
    reset-on-timeout disabled
    time-wait-recycle enabled
    time-wait-timeout 5000
    zero-window-timeout 50000
    

    }

      RaghavendraSY

      Do both applications work fine with the default tcp profile?

       

      RaghavendraSY

      Can you please provide a working packet capture and a non-working packet capture? In the meantime, you can also open a ticket with the vendor, F5.