NimbostratusHi,
I need your help to do a "custom L7 load balancing" :
we are using F5 LTM to load balance a proprietary protocol and we would like to redirect some requests that contains a specific string to a different server/pool,
is this something we can do with irules ?
can we use Message routing framework (MRF) to achieve this ?
thank you
MVP,
I'd try something like below, have done payload manipulation in the past, so i assume it should work.
Keep us posted/.
ltm rule test_rule {
when CLIENT_ACCEPTED {
set ltm_trace [string range [AES::key 256] 15 23]
set vip [findstr [virtual name] "" 8 ]
log local0. "LTM_TRACE=$ltm_trace VIP=$vip CLIENT=[IP::client_addr] has established a connection"
}
when CLIENTSSL_HANDSHAKE {
SSL::collect
}
when CLIENTSSL_DATA {
# Do not log fullpayload as it may contain sensitive information
#log local0. "LTM_TRACE=$ltm_trace VIP=$vip FULLPAYLOAD=[SSL::payload]"
if { [SSL::payload] contains "magic" } {
pool magic_pool
log local0. "LTM_TRACE=$ltm_trace VIP=$vip --> Pool=magic_pool"
} else {
pool default_pool
log local0. "LTM_TRACE=$ltm_trace VIP=$vip --> Pool=default_pool"
}
SSL::release
}
when CLIENT_CLOSED {
log local0. "LTM_TRACE=$ltm_trace VIP=$vip CLIENT=[IP::client_addr] connection is closed"
}
}
MVPThese kind of senerio not seen but try MRF and update us also.. thanks
Nimbostratuscan something like this work ?
when CLIENT_ACCEPTED {
TCP::collect 100
}
when CLIENT_DATA {
set payload [TCP::payload]
if { $payload contains "magic" } {
pool magic_pool
} else {
pool default_pool
}
}
Something like that might work, but only if the TCP payload is in clear text and not encrypted, as with SSL/TLS.
MVPAs long as SSL Offload is there, it should be doable I believe. Like below code snippet Ive shared.