Forum Discussion

EIT_Network
May 11, 2016

Queries - New to F5

Hi Experts,

 

I am new to F5 and would like to know about the queries below:

 

  1. I would like to know if there is any provision for getting the configuration file for a specific virtual server. If yes, kindly share the steps to get it.

     

  2. How do I check whether there is any X-forward iRule configured for a specific virtual server?

     

  3. Does the load balancer also provide an encryption feature for the decrypted data? If yes, then how do I check this?

     

Rgds

 

1 Reply

  • For 1, do you mean to ask how to retrieve the parts of the config for a specific Virtual Server? If so:

    tmsh list ltm virtual <virtual-server-name>

    where <virtual-server-name> is the name of the Virtual Server.

    For 2, there are actually three ways to insert an X-Forwarded-For header:

    1. via the http profile attached to a Virtual Server;
    2. using a Local Traffic Policy (and actually, on versions before 11.4, it can also be done with an HTTP Class);
    3. using an iRule.

    Because of this, there is no easy answer to your question, and for an iRule, there is no way to be certain that an X-Forwarded-For is being inserted without having a human analyze the rule. The reason is, one could conceivably do something like this (though it is certainly unlikely):

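    when HTTP_REQUEST {
        set x Forwarded
        # The header name is assembled at run time, so a text search for "X-Forwarded-For" misses it
        HTTP::header insert "X-${x}-For" [IP::client_addr]
    }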
    

    But a quick check that is likely to be successful -- at least in order to check for this in an iRule -- is (from bash):

    tmsh list ltm rule | grep -Ei '^ltm rule|insert +"?X-Forwarded-For' | grep -Ei -B 1 'insert +"?X-Forwarded-For'
    

    If by 3, you mean TLS/SSL offloading, then you need to look for a client-side and/or server-side ssl profile in the Virtual Server. Here is an example of a Virtual Server with both:

    tmsh list ltm virtual show-tls-offload
    
    ltm virtual show-tls-offload {
        destination 203.0.113.1:http
        ip-protocol tcp
        mask 255.255.255.255
        profiles {
            clientssl {
                context clientside
            }
            http { }
            serverssl {
                context serverside
            }
            tcp { }
        }
        source 0.0.0.0/0
        vs-index 59
    }
    

    Notice the serverssl (perform TLS between BIG-IP and pool member) and clientssl (perform TLS between client and BIG-IP) profiles.
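
The check described for question 3, extended to every virtual server at once. This is an added example, not part of the original reply or F5's own tooling. It assumes `tmsh ... one-line` output and profile names without a partition prefix; the function names and all sample lines except `show-tls-offload` are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: classify virtual servers by TLS handling from tmsh one-line output.
# On a BIG-IP the input would come from (profiles first, then virtuals):
#   { tmsh list ltm profile client-ssl one-line
#     tmsh list ltm profile server-ssl one-line
#     tmsh list ltm virtual one-line; } | classify_virtuals

# Constructed sample input; only show-tls-offload mirrors the virtual server in the reply.
sample_config() {
cat <<'EOF'
ltm profile client-ssl clientssl { app-service none }
ltm profile client-ssl shop-clientssl { defaults-from clientssl }
ltm profile server-ssl serverssl { app-service none }
ltm virtual show-tls-offload { destination 203.0.113.1:http profiles { clientssl { context clientside } http { } serverssl { context serverside } tcp { } } }
ltm virtual shop-offload-only { destination 203.0.113.2:https profiles { http { } shop-clientssl { context clientside } tcp-wan-optimized { context clientside } } }
ltm virtual plain-http { destination 203.0.113.3:http profiles { http { } tcp { } } }
EOF
}

# Reads the listing on stdin, prints "<virtual> <status>" per virtual server.
classify_virtuals() {
awk '
$1 == "ltm" && $2 == "profile" && $3 == "client-ssl" { cs[$4] = 1; next }
$1 == "ltm" && $2 == "profile" && $3 == "server-ssl" { ss[$4] = 1; next }
$1 == "ltm" && $2 == "virtual" {
    c = 0; s = 0; inprof = 0; depth = 0
    for (i = 4; i <= NF; i++) {
        if (!inprof) {                       # look for the start of "profiles {"
            if ($i == "profiles" && $(i + 1) == "{") inprof = 1
            continue
        }
        if ($i == "{") depth++
        else if ($i == "}") { if (--depth == 0) inprof = 0 }
        else if (depth == 1 && $(i + 1) == "{") {   # a profile name, not its settings
            if ($i in cs) c = 1              # matched by profile type, not by
            if ($i in ss) s = 1              # "context", which tcp profiles also carry
        }
    }
    if (c && s)  status = "re-encrypt"          # TLS on both sides
    else if (c)  status = "offload-only"        # plaintext from BIG-IP to pool members
    else if (s)  status = "server-side-only"    # TLS only towards pool members
    else         status = "no-ssl-profile"      # BIG-IP neither terminates nor initiates TLS
    print $3, status
}'
}

sample_config | classify_virtuals
```

Virtual servers reported as `offload-only` are the ones where traffic decrypted on the BIG-IP travels unencrypted to the pool members.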