An interesting question came up the other day, we have multiple endpoints sending syslogs into a F5 VIP fronting a syslog collector…all on port 514. Our logging team wanted to change the port from 514...
Continue reading...F5
F5 iRule — Syslog Cloning iRule with HSL or Sideband
HSL_syslog_cloning First lets create two(2) pools with a single node in each. These will be used in our iRule to clone the UDP datagram to both. pool_SyslogServer001 pool_SyslogServer001 Now that we created the two(2) pools...
Continue reading...F5 iRule — No Pool Members Available Vanity Page
I wrote a iRule post located here, where I describe the essentials behind how beneficial iRules can be and the many use cases they have. I stumbled across a situation the other day for a...
Continue reading...F5 BIGIP and HAProxy — Masking 2-Way “Mutual” SSL Authentication
Hello folks, So a recent post I published talked about 1-Way vs 2-way SSL Authentication in some decent detail. We learned that 2-Way “Mutual” SSL Authentication can be used to enforce both parties attempting to...
Continue reading...F5 BIGIP — iRule Server Selection based on Client Source Address and Port
A interesting request came up today regarding a Web Service we provide to multiple clients, all of whom have peering points connecting their IP network to ours using private address. The request was to have...
Continue reading...F5 BIGIP — Configuring the F5 AOM (Always On Management) interface
The F5’s AOM (Always On Management) interface module is one of the fundamental administrative features offered by BIGIP appliances. If you are familiar with System or Blade management devices, it is the similar to ILO...
Continue reading...F5 BIGIP — iRule Block URI for external Client’s only
So, I had a cool question asked to me today regarding an F5 VIP used by a web application. “Can we block a certain URI from external client’s but allow internal client’s to visit it?”...
Continue reading...F5 BIGIP — Alternative using HAProxy and keepalived — Part 2
Okay we’re back!! Welcome to Part#2. If you’ve read my last post in this high availability and load balancing series(Part#1) you understand the need for HAProxy to complete our setup. If you recall, I am...
Continue reading...F5 BIGIP — Alternative using HAProxy and keepalived — Part 1
I come from a strong BIG IP F5 background and wanted to explorer alternatives to their LTM product line. BIG IP F5 LTMs are their Highly Availability and Load-Balancing network products, see here. They are...
Continue reading...F5 BIGIP — Determine the Healthcheck Source Address
I was discussing some F5 LTM Healthcheck Monitor capabilities with a colleague of mine at work the other day, when he brought up a great question. What does an F5 LTM use for a source...
Continue reading...