05-05-2005 08:04 AM
I have an issue with two content rules balancing on ports 80 and 443. The port 80 rule works fine however the port 443 rule does not. If I remove the url "//webaddress.internal.domain.co.uk/*" statement from the port 443 rule or replace it with "/*" it works. The scenario is we have multiple sites hitting the same VIP but would like to send requests for specific sites to specific servers. This worked by adding the URL statement for port 80 but consistently failed on port 443!!
Thanks in advance for any help/ideas.
a quick summary of the rules below.
content L3_dev_teddiesnurseries.co.uk
add service SERVER01
add service SERVER02
vip address 10.0.0.1
advanced-balance sticky-srcip
protocol tcp
port 80
url "//www.website.domain.internal.co.uk/*"
persistent
active
----------------------------------------------
content L5_dev_teddiesnurseries.co.uk
add service SERVER01
add service SERVER02
application ssl
vip address 10.0.0.1
advanced-balance sticky-srcip
protocol tcp
port 443
url "//www.website.domain.internal.co.uk/*"
persistent
active
05-06-2005 04:44 AM
traffic encrypted can't be seen by the CSS or any other device than the destination.
Therefore, the CSS can't see the url for HTTPS traffic.
The solution is to use an ssl-offloader so the traffic is decrypted before it gets to the CSS.
Gilles.
08-30-2006 02:19 PM
The problem that you are having is that 443 traffic is encrypted and your load balancer has no visibility into the url.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide