In some cases there’s a need to introduce rate limiting based on number of connections over period of time. Out of the box F5 allow you to set rate limit based on concurrent connections which is useful option, but not always provide functionality business require. Solution to this problem can be solved by using …
Category Archive: Load Balancer
Mar 18
How to log all requests with headers and VIP name in F5 LTM
In some cases, especially during troubleshooting it may be useful to create custom logging iRule to log information about requests to specific VIP. Of course you could simply use “Request Logging” profile in LTM, but using iRule will allow you to tag logs so you can find specific requests easier and most importantly log more …
Aug 21
PCI DSS vulnerability for SSL negotiation on Brocade ADX
Hardware application accelerators also called load balancers are commonly used for SSL offload as provide hardware acceleration for SSL processing. Additionally in many implementations process Application Layer (ISO/OSI Layer 7) information which require access to clear test data. In many cases device administrators configure SSL profiles to use “all-cipher-suites” command which allows ADX to negotiate …
Aug 21
How to insert HTTP header X-Forwarded-Proto for SSL traffic of F5 LTM
In our scenario we do SSL offload on the load balancer before inserting header for incoming request from client to physical server behind LB. To insert protocol information header you can configure a custom HTTP profile with ‘Request Header Erase’ set to X-Forwarded-Proto and ‘Request Header Insert’ set to ‘X-Forwarded-Proto: https’. This ensures that any …
Aug 21
How to synchronize part of configuration between ADX HA pair
Server Iron ADX load balancer allows you to configure whole SLB configuration between active and standby systems but what if you want to do it for specific part of configuration only. It this situation you can use command config-sync to send more specific slice of current configuration. Brocade ADX config-sync command on CLI ServerIronADX 1000(config)#config-sync …
Aug 21
How to rewrite HTTP redirect 301 to 302 using iRules on F5 LTM
In this example we going to rewrite HTTP redirect on server response. Assume that client is trying to connect to website which has been moved to different location and as a result Apache or IIS is sending HTTP response code 301 (Permanent Redirect) but we want to change it to code 302 (Temporary Redirect). There …
Aug 21
iRule – 301 redirect on F5 LTM
In this example we going to redirect HTTP request coming for domain.com to http://www.domain.com using basic iRule. Configuration steps: 1) Login to load balancer’s GUI 2) Go to Local Traffic -> iRules -> iRule List and click Create 3) Assign Name for iRule and paste enter irule code into Definition field. Once done press Finished. …
Aug 20
License upgrade on Brocade ADX
In order to upgrade software license on Brocade ADX load balancer follow steps below: 1) Obtain and save software license file (XML file) and copy it to a TFTP server that can be accessed by the Serveriron ADX. 2) Use the console or Telnet/SSH connection to access the load balancer. 3) Issue the copy command …
Aug 20
Password recovery on Brocade ADX
There may be a situation when you need to recover lost login password for your load balancer. To do so follow steps below: 1) Connect console cable to serial connection and start terminal session 2) Reboot ADX and press “b” to break booting process and enter boot monitor mode. 3) Enter “no password” command to …
Aug 20
Hybrid solution using RackConnect – how it works
Hosting environments can be Dedicated or Cloud based. In recent years more and more organizations combine both architectures to achieve scalability, performance and cost reduction. Hosting company called Rackspace who developed Open Stack and is one of leading providers of Cloud solutions offers hybrid solution called RackConnect. In summary RackConnect provides physical link between dedicated …