10-11-2011 08:55 AM
I have a Business unit that publishes an application that is externally available. We Reverse Proxy the VIP to allow the connection externally. They would like to impose different application timeouts for internal users (1 hour) and external users (30 Minutes) . The application can not differentiate between an external or internal source so our option is either seperate serverfarms with seperate real servers with different configuration files.
My question is, is there any other way to do this within the ACE so that we don't have to spin up seperate Servers with different configuration files.
I would also like to maintain one VIP address if possible.
10-11-2011 09:22 AM
You can maintain 1 VIP but you'll have to use header rewrite and work with dev. team of your application.
It's related to the session state tracked by a cookie the application sends (either as a Set-Cookie or a token embedded in URLs)
Make two different serverfarms (with the same set of real servers).
Make a class-map matching the IP addresses of internal users (RFC 1918 ?)
For this class-map, add a field in each HTTP request coming in
"X-Internal:YES"
apply this on each request with the option
header-rewrite per-request
The application team just has to parse each header for the pattern you've just added and then changing the timeout value to the one they want.
For the class-default (external users) you can add "X-Internal:NO", it's cleaner but not strictly necessary.
10-11-2011 12:13 PM
By chance, I believe you don't even need a second serverfarm, using only one with different actions triggered inside the policy-map should do the job correctly.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide