NimbostratusHi, how can i route requests coming to 1 VIP so if its coming from external users it should go to web server A , if its internal user it should go to web server B . Both web servers are listening port 443.
As long as there is some way to differentiate internal and external users, say by IP address, then the answer is yes. You can use a Local Traffic Policy to forward traffic to server B (pool B) if the client's IP address indicates they are an internal user, and everyone else can go to server A (pool A). (I'm assuming internal users are easier to identify by IP address.) If you need more granular controls, an iRule can do that. Can you provide some more specifications on how you are differentiating internal and external users?
Hi Bekzod,
Please check out this nice video from John about Local Traffic Policies: https://www.youtube.com/watch?v=-iLzxfKbl5A
You can either create an iRule or use Local Traffic Policies. Local traffic policies are recommended approach as crodriguez mentioned.
This is probably the exactly the iRule you should use but just to give you an idea of how you can create yours:
when CLIENT_ACCEPTED {
if { [IP::addr [IP::client_addr]/24 equals TYPE_NETWORK_ADDRESS_HERE] } {
pool TYPE_YOUR_POOL_NAME_HERE
} elseif { [IP::addr [IP::client_addr]/24 equals TYPE_NETWORK_ADDRESS_HERE] } {
pool TYPE_THE_OTHER_POOL_NAME_HERE
} else {
pool TYPE_THE_OTHER_POOL_NAME_HERE
}
} When client is accepted, if they belong to a certain network range, go to pool X, if they belong to another range, go to pool Y, otherwise, go to pool Z.
You can do the same with Local Traffic Policies. There are a couple of examples here if you want to get your hands dirty and practice a bit: https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/local-traffic-policies-getting-started-12-1-0/2.html