Forum Discussion

draco
Apr 09, 2017

SSL offload

To do SSL offload, should the virtual server be 443? Can it be a customized port, so that the user can use : eg ?

Also, does an iRule have precedence over all? Like, if there is a persistence profile in use along with an iRule, does the iRule have more priority than the persistence profile? Like, if a pool is selected via an iRule, does the subsequent session go via the iRule, or does it check the persistence table?

5 Replies

  • You can use any port you like as long as your server is listening on the connection port you have defined.

    It will perform the iRule and then persistence will kick in on egress, I believe. You could include source persistence none in your rule though.

  • SSL offload is independent of port. We use 443 for user convenience on the client side.

    When it comes to iRules, you start your processing with the settings on the virtual server as your baseline. Then you process Local Traffic Policies, then iRules, in that order. They can update the template. Then, when all that is finished, the F5 uses the updated template.

    As for persistence, if you select a pool using an iRule and not a pool member, it will follow any matching persistence record for that pool. If there is none, it will load balance as per the pool configuration. If you use an iRule to select a pool member, it will override any persistence and use it; for some persistence configurations this will also trigger an update of the persistence record to the new pool member. Note: This can only happen at the beginning of a connection. After that it will ignore any future selection, as the F5 load balances per connection. If you want per-request load balancing you need to enable OneConnect.

    • draco

      Hey Kevin

      How do I create an HTTPS server on a port other than 443?

      I will give the customized port as 9797 and it will be 'other' as protocol. And then assign an SSL client profile? It will accept SSL traffic? If we access as ?

    • Kevin_Davies_40

      You don't have to use the drop-down box on the right; you can just type in the port number. Assign an SSL profile and it will work. The 'other' just means it's not on a recognised port. The names on the right are just labels that are matched to the port numbers you type in. Standard ports are known, everything else is other. They are not protocol definitions for the virtual server.

    • MR-PH

      When creating your virtual server and you come to your service port, select 'other' from the drop-down menu and enter the desired port number.