Forum Discussion

Ahmad_Mohaidat_'s avatar
Ahmad_Mohaidat_
Icon for Nimbostratus rankNimbostratus
Mar 28, 2014

using Range of ports on a virtual server with/without using iRules

Dears , i'm currently trying to implement a HA LTM/ASM appliances on a Web application server that serves around 27 customers , The Web application server has around 20 services each service will use a specific port , each customer will use a range of ports as follows: Customer A : 5000-5019 , Customer B : 5020-5039 ..... etc. "THE SAME IP ADDRESS WILL BE USED FOR AL CUSTOMERS".

 

for management and future needs , each customer should have his VS but I'm not sure if we can create 27 VS and configure an iRule to specify the range or i have to create 27x20 VS which will be an administrative nightmare.

 

any advice will be much appreciated.

 

Best Regards, Ahmad.

 

application delivery
ASM Advanced WAF
deployment
devops
iRules
LTM
security

3 Replies

Sort By
  • Kevin_Stewart's avatar
    Kevin_Stewart
    Icon for Employee rankEmployee
    Mar 28, 2014

    You can create a VIP that listens on an IP and any port (wildcard), but you can't create multiple VIPs with the same destination IP and wildcard port. You have a few options though:

     

    Create a single VIP with destination IP and wildcard port and use an iRule to pool to resources based on requested port. You could also optionally give each customer a different DNS name to the VIP and load balance based on that.

     

    Create a separate IP and wildcard port VIP for each customer (a different IP address for each). You can then optionally limit access based on the defined ports.

     

  • Mike_Maher's avatar
    Mike_Maher
    Icon for Nimbostratus rankNimbostratus
    Mar 28, 2014
    What version of code are you running? If you are 11.4.x you may have some options with Local Traffic policies