Forum Discussion

Livius's avatar
Livius
Icon for Altostratus rankAltostratus
Jun 14, 2018

VIP listening on a port range

Hi,

 

I have the following scenario.

 

F5: VIP with port range UDP 60007-60029 Pools : same members, with same port range 6007-60029 UDP mapped as follows:

 

VIP1 : IP1:60007 - POOL : members:60007

 

VIP1 : IP1:60008 - POOL : members:60008

 

Since there is a lot of redundancy in this configuration I would like to find a way of reducing the config overhead. Such as configuring an "any" port in the Virtual Server, then directing each request to a certain pool based on VS port. Any other suggestions?

 

2 Replies

  • Hi I think is a good way.

    You can create just one VS with a wildcard port (your pool memeber have to be set in wildcard port too).

    If you set a monitor you have to set it in transparent mode.

    And create an irule in order to authorize the intended port...

    when CLIENT_ACCEPTED { 
        if { [TCP::local_port] >= 60007 && [TCP::local_port] <= 60029 } { 
             do nothing
        } else { 
            reject 
        }
    }
    
  • Hi,

     

    Best configuration when you create a virtual server listening on any port is to configure too the pool members with any port.

     

    The client side destination port will be used for the server side destination port.