Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [f5-big-ip]

Discussions around F5's BIG-IP security application delivery controller solutions. Ask about configuration, installation, performance, and any other administrative related issues.

F5's BIG-IP platform contains many modules that each do different things, so if you're not sure where to ask your question regarding their products, do so here. This is a generic area for all of their BIG-IP related product lines. Their Silverline cloud and Linerate products should be in separate forums but still feel free to ask here if unsure.

126 questions
1
vote
2 answers

F5 Action on Service Down

Does anyone know how the F5 rebalances traffic when you configure "Action on Service Down" to None. i.e say there are active connections and your have updated the health check so that the server is down. The exsisting connection are active, but then…
RickD
  • 145
  • 1
  • 2
  • 15
1
vote
1 answer

Server won't reply to POST request

I'm working on a WordPress site that's served by two lighttpd backends behind an F5 load balancer. Previously, the site was served by a single lighttpd server behind a nginx reverse proxy, and everything worked fine. Now, sometimes when sending POST…
felipelavinz
  • 111
  • 1
1
vote
2 answers

F5 BIG_IP persistence iRules applied but not affecting selected member

I have a virtual server. I have 2 iRules (see below) assigned to it as resources. From the server log it looks like that the rules are running and they select the correct member from the pool after persisting the session (as far as I can tell based…
zoli
  • 238
  • 3
  • 8
1
vote
1 answer

WCF custom certificate validator not invoked in BIG-IP environment

My WCF service with a custom client certificate validator works fine in my non load balanced environment. When first deployed to BIG-IP environment there was a problem with it stripping SSL information and ending up sending only http information to…
lox
  • 157
  • 1
  • 7
1
vote
1 answer

How can I version controll my F5 Big-IP LTM load balancer configs while allowing changes via iControl or the web interface

Currently we use F5 Big-IP LTMs (IP load balancers) in our environment for load balancing. We have an existing process for making changes to LTM configs and pushing them out. I'm trying to figure out the best way to accommodate a new need of our…
gene_wood
  • 483
  • 5
  • 15
1
vote
2 answers

Is F5 Big-IP Routing by DNS Names (on one IP address and port) Possible?

In IIS, it is possible to listen for many DNS names on one IP address and port and then direct users to different websites based on the DNS name. Is the same thing possible with F5 Big-IP devices?
Techboy
  • 1,540
  • 7
  • 31
  • 49
1
vote
3 answers

Big IP F5 Basics (show run/show conf/term len 0)

I've tried to find the basics in a Big IP manual but it seems to me the device is marketed towards GUI users only. Meanwhile I want to write a few scripts to automate tasks on the load balancer. Namely: how do I turn off more - when I issue a…
PP.
  • 3,246
  • 6
  • 26
  • 31
1
vote
2 answers

Creating CNAME to delegated domain

We are trying to configure F5 to do load balancing on 4 sub domains similar to this article. For Example prod.wip.example.com. NS F5NS1.example.com. prod.wip.example.com. NS F5NS2.example.com. test.wip.example.com. NS F5NS1.example.com.…
Starsky
  • 103
  • 1
  • 8
1
vote
1 answer

F5/BigIP rule to redirect affinity-bound users from INACTIVE pool node to other ACTIVE node

We have several server nodes set up for the end users of our system and because we don't use any kind of session replication in the app servers, F5 maintains affinity for users with the ACTIVE node the client was first bound to. At times when we…
j pimmel
  • 123
  • 6
1
vote
4 answers

Long HTTP Get and Instant Response

We have an ASP.Net 3.5 Application on IIS7. On our preview server, it runs with almost instant gets and responses (~1 second from get to the page displaying). We have a production environment with 5 web front ends and a cluster of 3 sql…
Jeremy Boyd
  • 586
  • 1
  • 9
  • 17
1
vote
0 answers

PostFix permit_sasl_authenticated behind a Big-IP F5 load balancer

I have a functioning postfix server that uses smtpd_relay_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination I am trying to put this behind a LB. When I telnet or openssl to the virtual IP in my LB I can EHLO…
NotACreativeName
  • 11
  • 1
1
vote
1 answer

Internal website over SSL VPN (F5 Network) session issue

We have F5 Networks SSL VPN setup and added some internal websites in F5 portal. One website works good, but the other one has session problem. When I sign in to F5 portal, from there I go to internal website (which F5 redirects) 1, then I can sign…
George G.
  • 11
  • 3
1
vote
1 answer

Too many redirects NSX Load Balancer (HA Proxy) Application rule

We are trying to do a redirect from / to /access/signin however with the following application rule we see too many redirects (looping) for HTTPS, HTTP is working fine. acl TEST-RDR hdr_dom(Host) -i www.test.com acl TEST-RDR path_beg…
Cousty
  • 11
  • 1
1
vote
1 answer

F5 BIG-IP workaround to CVE-2020-5902 vulnerability

Do you have any idea of a workaround for the CVE-2020-5902 vulnerability? I cannot update at the moment, but I am concerned because it is a Critical vulnerability.
Giordano Calabrese
  • 13
  • 2
1
vote
2 answers

How to solve "Bad Certificate" error on kubernetes pod?

I am trying to set up a kubernetes pod in order for it to connect to a device, specifically a F5 BIG-IP appliance. The deployment appears to be OK, in fact i had to modify a code snippet I found online. When the pods is trying to start up, i got an…
Alessandro
  • 55
  • 5
1 2 3
8 9