Forum Discussion

sundogbrew
Jul 14, 2010

port pass through...

This may be simple and I am sorry if it is. I always set up my VIPs as a hostname and IP for each service and then they pass through to a certain port. I have a request to pass through the same URL to different ports based on the port in the URL. So say you have www.joe.new.test:8080 that goes to port 8080 on the server and www.joe.net.test:8443 goes to port 8443 on the same server. Can you do this with the same VIP and pool? Also a similar question: if you have a URL like www.joe.test/portal, it would go to one pool, and www.joe.test/ws would go to a different pool. Can you do that? So that basically everything comes in as one URL with a different URI for each pool (application). Thanks in advance and sorry if this is a stupid question... Thanks Joe

8 Replies

  • Hi Joe,

    If you create a VS and pool members on port 0, LTM will not translate the port. So whatever port the client requests will be used to load balance to the pool. If you want to break out specific port 80 URIs, you could create another VS on port 80 and use HTTP classes or an iRule to select a pool based on the requested URI. If you wanted to do this for HTTPS traffic, you could create a VS on port 443 and decrypt the SSL with a clientssl profile. You could then use HTTP classes or an iRule to select a pool based on the requested URI. The pool members would normally be defined on port 80 and you'd need to enable port translation on this VS.

    To use HTTP classes to select a pool member based on URI, you can create one class per pool. Then configure the URI/path filters using string patterns like /portal* for the /portal requests and /ws* for /ws requests. To use an iRule to do the same thing, you could use a switch statement:

    http://devcentral.f5.com/wiki/default.aspx/iRules/switch

    If you want more detailed steps for implementing this, let us know which methods you think you'd like to use.

    Aaron
  • Hoolio, first sorry about the double post. Not sure how that happened or how to delete it. OK, so I want to do it with HTTP classes. I am running version 9.3.1 and it doesn't seem as easy as the URL that you sent says. The only place I can see to specify a URI is in compression? Is that the right place? Then how do you tell it to send the request to a certain pool? I see in the VS where you can select the http profile but then what? Doesn't give you a choice between one pool or another? Thanks Joe
  • Hi Joe,

    No worries about the double post. HTTP classes were added for ASM-licensed units in 9.2 but not for LTM-only licensed units until 9.4. You're seeing the HTTP profile--not HTTP class profile. So for LTM version 9.3, you'll need to use an iRule. You can try something like this for the port specific HTTP or HTTPS VS(s):

    
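    when HTTP_REQUEST {

       # Check the requested URI with wildcards.
       # -glob is required for the * patterns to act as wildcards;
       # without it, switch does exact string matching.
       switch -glob [HTTP::uri] {
          "/ws*" {
             pool ws_pool
          }
          "/portal*" {
             pool _pool
          }
          default {
             pool default_pool
          }
       }
    }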
    

    Aaron
  • Thank you very much. As a follow up question, how hard is it to upgrade a failover pair of LBs without any downtime?

    Joe
  • There will be at least a momentary outage when you fail over between units. The process is described in SOL11215:

    SOL11215: Upgrading an active/standby BIG-IP high availability pair

    https://support.f5.com/kb/en-us/solutions/public/11000/200/sol11215.html

    Aaron
  • Hoolio,

    Thank you very much, with a little tweaking I was able to get this to do exactly what I want. Now I need to look into upgrading so I can try it with the http class.

    Thanks

    Joe
  • Posted By hoolio on 07/15/2010 01:07 PM

    There will be at least a momentary outage when you fail over between units. The process is described in SOL11215:

    SOL11215: Upgrading an active/standby BIG-IP high availability pair

    https://support.f5.com/kb/en-us/solutions/public/11000/200/sol11215.html

    Aaron

    While true, this is usually only a loss of a few packets at the network level (in reference to hardwire failover). With unmirrored short-lived connections or mirrored long-lived connections, TCP handles this failure with aplomb and most nrt applications don't even notice. With rt applications you might see a minuscule screen freeze or some minor audio/video corruption.
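
The two virtual servers described in the replies above (a port-0 VS that preserves the requested port, and an HTTP VS that picks a pool by URI), sketched as iRules. This is an added example, not code from the thread or from F5. The pool names app_any_port_pool and portal_pool are placeholders, and the port allow-list, the lower-casing and the matching on whole path segments ("/ws" and "/ws/*" rather than "/ws*", so a request for /wsfoo falls through to the default pool) are assumptions about what the application needs.

```tcl
# iRule 1: attach to the port-0 (any port) virtual server.
when CLIENT_ACCEPTED {
    # A port-0 VS accepts connections on every destination port, so
    # forward only the ports the application uses and refuse the rest.
    switch [TCP::local_port] {
        8080 -
        8443 {
            # Pool members are defined on port 0, so the port the client
            # requested is kept. app_any_port_pool is a placeholder name.
            pool app_any_port_pool
        }
        default {
            reject
        }
    }
}

# iRule 2: attach to the port 80 VS (or a port 443 VS with a clientssl profile).
when HTTP_REQUEST {
    # HTTP::path leaves out the query string, so "?x=/ws" cannot affect
    # the match. Lower-casing makes /WS and /ws select the same pool.
    set path [string tolower [HTTP::path]]

    switch -glob $path {
        "/ws" -
        "/ws/*" {
            pool ws_pool
        }
        "/portal" -
        "/portal/*" {
            # portal_pool is a placeholder name.
            pool portal_pool
        }
        default {
            pool default_pool
        }
    }
}
```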