internet traffic egress load balancing for https

Question

Hi! Experts&nbsp;We want to do internet traffic egress load balancing for https, depends on different URLs. because https traffic in encrypted, we plan to use irules read SNI field in https header and select a egress link. Is this method doable?  or do you have any experience on this and could shed some light?&nbsp;Thanks for your great help.

simon_blakely · Answer

F5 has an entire product for this sort of SSL examination and routing - SSL Orchestrator

Trying to do this in an irule is complex and difficult, because you need to delay the server-side binding until the ClientHello has been sent and examined, and then pass the ClientHello through.

There are some irules that examine SNI headers to make decisions - have a search.

But you may find it easier to consider a ready-made and complete product that does what you require, and more.

Forum Discussion

internet traffic egress load balancing for https

1 Reply

Recent Discussions

F5 loadbalancer not working

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

import live updates from version x to version y

Related Content

fellow traffic

Deploying F5 BIG-IP with Azure Cross-region load balancer

Re: NGINX for Azure: Load Balancing

F5 APM VPN Choking Internet Bandwidth

Lightboard Lessons: Local Traffic Manager Load Balancing Algorithms