tcp redirect and https response verification

davidm101 · ‎04-08-2005

Can CSS redirect ip based tcp traffic (in addition to http/https ) to a remote server when the local server is down (active/standby) - there is no DNS involed in the process?

Can CSS (with SCA) check the https return string to determin the server status?

Thanks.

Gilles Dufour · ‎04-08-2005

there is a way to do it.

You just configure your remote server as a service on the CSS and add the service as a sorry server to your content rule.

Them, you need a group to client nat the traffic sent to this server so it guarantees the response come back to the CSS.

In terms of performance this is far from perfect, but this is the only way for non-http traffic.

Gilles

Gilles Dufour · ‎04-08-2005

not with SCA, but with the SSL module we can now have https keepalive.

With SCA you may find a way to send http probes to the SCA that would encrypt the traffic and forward to server.

This should be possible.

Gilles.

davidm101 · ‎04-12-2005

I opened a case awhile ago because I was not able to figure out a way to do it through SCA. The TAC told me it cannot be doen through SCA.

Is it possible to use script to verify the return string through ssl module? Thanks.

skumar1969 · ‎04-08-2005

A service created with 'type redirect' and the 'redirect-string' might help you. If you apply this service to a Layer 5 rule the CSS will only send traffic to that service if all other local-services are down, assuming you have added more than 1 service to the content rule..

The CSS should be able to dns resolve inorder to have the redirected traffic hits the destination sorry server.