Re: Probably the customer is asking for some redirects ????

astanislaus · ‎10-25-2006

Configuration of load balancer is attached. In this config we have defined the application as SSL application as per customer's requirement of stickiness. For SSL we need to give port 443 or any other defined in config. Customer is asking that port is required only when clients login to the portal.When website is open no port is required. Please suggest any change in the config or any URL with sample config.

astanislaus · ‎10-25-2006

Initially the website allows http requests. Once the user logs in, then the SSL session starts, which we trap on the Load Balancer to do Session Stickyness.

When we connected the servers to the LB, we needed to add the port 443 to the url to enable the LB to pass it through.

The issue is that the website advertised by the customer is http and not http(443). We need to configure the LB in such a way that it allows http and then when the login occurs, allows https and traps the session.

Any sample config would help.

Gilles Dufour · ‎10-25-2006

there are 2 mistakes.

1/ you have only 1 rule that takes care of SSL but not HTTP

2/ your services are configured to send all traffic to port 80 - even SSL traffic.

So, replace the command "port 80" with "keepalive port 80" from all the services so the destination port is preserved.

Then remove the commands 'application ssl' and 'port 443' then configure 'advanced-balance sticky-srcip' under the content rule.

This will allow both http and ssl and will guarantee stickyness even after login.

service Server3

ip address 128.91.16.162

keepalive type tcp

keepalive port 80

active

owner L5_Owner

content L5_Rule

add service Server1

add service Server2

add service Server3

vip address 128.91.16.18

advanced-balance sticky-srcip

active

Gilles.