Forum Discussion

Christofer_Tib1's avatar
Christofer_Tib1
Icon for Nimbostratus rankNimbostratus
Sep 14, 2006

loong.... problems with multiple pools on one virtual server

Hi.

 

I will try and explain this from the start so some background info first.

 

 

1. we have two internet providers.

 

2. We don't have a lot of public IP addresses to work with. Cause they are used for other services.

 

3. We must be able to use several hosts / public IP.

 

4. we are running the link controller license.

 

 

The problem:

 

when a pool goes down then all wide-ip connected to the same virtual-server as the pool also goes down.

 

 

Setup:

 

We have several wide-ip's

 

 

Example:

 

wide-ip1.external-service.com

 

wide-ip2.public-service.com

 

wide-ip3.test.com

 

 

all these wide-ip point to the same virtual server, this due to the limit of available IP.

 

 

the virtual server is in the example called Virtual-server1-isp1

 

and Virtual-server1-isp2

 

 

This Virtual server is running the http service to read the traffic it also has a SSL cert called SSL-cert01.

 

So we unpack the https traffic and send only http to the pools.

 

 

Both these two virtual servers have an irules attached to them.

 

 

the irule is simple with only if statements and pool statements like this.

 

 

when HTTP_REQUEST {

 

HTTP::header replace "X-origin-IP" [IP::client_addr]

 

 

if { [HTTP::host] equals "wide-ip1.external-service.com" } {

 

if { [HTTP::uri] starts_with "/special/" } {

 

pool server_pool01-http

 

}

 

} elseif { [HTTP::host] equals "wide-ip2.public-service.com" } {

 

pool server_pool02-http

 

} elseif { [HTTP::host] equals "wide-ip3.test.com" } {

 

pool server_pool03-http

 

} else {

 

drop

 

}

 

}

 

 

the pools we have are:

 

server_pool01-http with 1 node (server1)

 

server_pool02-http with 2 nodes (server2,server3)

 

server_pool03-http with 3 nodes (server4,server5,server6)

 

 

all three pools are monitored with http monitor.

 

 

all nodes are monitored with ping.

 

 

And the problem is that if the server guys bring down server1 by ex rebooting the server or http service.

 

Then the f5 monitor will mark that server down, so the pool will be red, the virtual server will still be green. but all the wide-ip's connected to that virtual server will go down.

 

so

 

wide-ip1.external-service.com

 

wide-ip2.public-service.com

 

wide-ip3.test.com

 

 

becomes red and no traffic can reach our servers as the DNS is down then.

 

 

even though the server_pool02-http and server_pool03-http is still up and should continue to work.

 

 

So the questions is how do we fix this.

 

 

I would like the F5 either only to bring down only the Wide-IP affected by the pool and in this case it would be wide-ip1.external-service.com as that is the one used by the pool.

 

Or the other way would be to always keep the Wide-IP up and working, but I still need internet link redundancy.

 

 

Can this be done in irules someway?

 

 

PS. Sorry for the long post. I also have a support case on this, but those guys are not as good at irules as you are. So I check with you guys also.

 

 

Best Regards Christofer

 

No RepliesBe the first to reply