draco
Apr 09, 2017Nimbostratus
SSL offload
To do ssl offload, should the virtual server be 443 ? can it be a customized port ? so that the user can use : eg ?
Also, does irule have precedence over all ??like if there is persistence...
SSL offload is independant of port. We use 443 for user convenience on the client side.
When it comes to iRules you start your processing with the settings on the virtual server as your baseline. Then you process Local Traffic Policies, then iRules in that order. They can update the template. Then when all that is finished the F5 uses the updated template.
As for persistence if you select a pool using an iRule and not a pool member it will follow any matching persistence record for that pool. If their is none it will load balance as per the pool configuration. If you use an iRule to select a pool member it will overide any persistence and use it, for some persistence configurations this will also trigger an update of the persistence record to the new pool member. Note: This can only happen at the beginning of a connection. After that it will ignore any future selection as the F5 load balances per connection. If you want per request load balancing you need to enable one connect.
Hey Kevin
How do i create an https server on port other than 443 ?
I will give the customized port as 9797 and it will 'other' as protocol .And then assign an ssl client profile ? it will accept ssl traffic ? if we access as ?