Larry_Wichter
Sep 04, 2019Nimbostratus
Force all requests to use Virtual Server
We need to control requests reaching a back end service running on a back end host and make sure that the request came through a valid virtual server on the F5 instead of going around the virtual server, directly to the back end server.
If a SNAT POOL or SNAT LIST is in play, then the source ip address will tell us.
If no source address translation is being done, how would we prove the request came through the right virtual server.
When an 'illegal' request is detected we want to redirect to the right virtual server or drop the request.
Using a custom header field will not help because it can be spoofed.
Is there a metric in the request we can use to identify where it come from and the path it took?