I have two public IP's alloted by network team NAT'ed to two private IP x.x.x.2 and x.x.x.3. This private IP is assigned as a VIP on my Load Balancer. I am wondering how these two VIP's can be used for multiple L4 services on my software based AVI load balancer.
I could see multiple companies does this with F5 irule, does the F5 read the client hello (server name) and select the appropriate pool?
I am trying to do L4 passthrough for my SSL VPN hosted within the same subnet 192.168.2.0/24.
"I could see multiple companies does this with F5 irule, does the F5 read the client hello (server name) and select the appropriate pool?" Im not sure I follow - but will attempt to answer what I think you are asking.
If you are trying to receive multiple services behind a VIP - you can create an ANY PORT vip (listening at port 0 which represents ALL_SERVICES). You can then have pool members that also respond at port 0 (ALL_SERVICES) so packet comes in anywhere and gets forwarded back out the same to your load balanced pool.
You can do this with a FastL4 profile which handles the traffic in the ASIC module (hardware accelerated depending on your model). FastL4 is only aware of up Layer 4... doesnt know L7 concepts - it basically turns your F5 into a $75k ethernet cable with load balancing and some other advanced features. You can also use BASIC irule features here ... (Client accepted, etc...) HTTP request will not work as FAstL4 has no concept of above Layer 4.
