Forum Discussion
hooleylist
Jan 16, 2008Cirrostratus
A related suggestion...
If you're able to use only HTTP on the back end to the servers, you could define the pool members on the same HTTP port and avoid using an iRule altogether. Just the two VIPs, the same cookie insert persistence profile and the same pool would work.
And if you wanted to use one VIP on port 0, with one cookie persist profile and one pool with the members defined on an HTTP port, you could use a rule like this:
when CLIENT_ACCEPTED {
Make decisions based on the destination port
switch [TCP::local_port] {
80 {
Need to disable client SSL for HTTP requests
SSL::disable
}
443 {
Do nothing, request will be decrypted and sent to pool
}
default {
Reset the request as it's not to an allowed port
reject
}
}
}
Aaron