-
aVCS and floating IP'S
Posted by kmcewen@a10networks.com Can some one please explain the traffic flow through the VCS. I am working on an op where I cannot use SNAT and therefore reliying on the floating IP which is the default gateway for the servers. How do we ensure that the traffic flows back via the incomming blade? Ta Ken
-
ELECTION HASH
Posted by ivanm@a10networks.com Hi guys, We can do a similar aFlex? # MD5 calculation of Server + HOST + URI # Rule selects Server that scores highest # # S = Current high score # N = Node being evaluated # W = Winning node # # Set "myPool" to your pool name. # when HTTP_REQUEST { set S "" set myPool pool_name foreach N…
-
App switching and cookie persistency
Posted by jmaddox question from a customer. Aflex is likely not needed here: The domain is www.domain.com<http://www.domain.com> with a URI of www.domain.com/sf<http://www.domain/sf>, www.in-drive.com/sf-register<http://w...com/sf-register>, etc... I have 2 Service Groups: Service Group 1: Windows Server 1 Windows Server 2…
-
Filter DNS requests using Aflex
Posted by brunov I have the following aflex that will allow you to filter the DNS requests by hostname, and limit what will be load balanced to your DNS servers. Code:…
-
Default Path in Exchange 2010 (Shared VIP)
Posted by kmcewen@a10networks.com In the deploymant guide we say that we can not insert the /owa if it has been missed when using a shared vip for exchange services. As this was a requirement by a customer I have developped the following that worked with a bit of help (thanks all) when HTTP_REQUEST { if {[HTTP::uri] equals…
-
disable chunking client side?
Posted by jmaddox HTTP::version "1.0" should turn off chunking on the server. Is there a way to turn off http chunking for the client side connection?
-
unknown command "elseif"
Posted by jmaddox What is the correct syntax to prevent the error indicating that "elseif" is unknown command? when RULE_INIT { # List of "part of URL" not autho "redacted"] set cookie_name "ua_lbdev_node_forced" } when HTTP_REQUEST { # Get node number from URL ending in /?node1, /?node2, etc. set node_forced [findstr…
-
Redirect HTTP based on client browser
Posted by patricko0317 I have a need for an Aflex script. I need it to redirect the browser to a different page based on the browser the client is using. If it is IE 9, I need it redirected. Will the following script accomplish this? Also, can I add this to the script you gave me for logging? when HTTP_REQUEST { if {…
-
Finding hostname.tld in FQDN
Posted by mischa This will find the hostname + tld from the FQDN. Basically removing "www." from the average request. www.a10networks.com becomes a10networks.com Code:…
-
Getting around Data Groups
Posted by mischa IHAC that is looking to replace their current LBs with A10 and they are using Data Groups. Code: class exampleClass {"string1""string2""string3"}rule exampleRule {when HTTP_REQUEST {if {[matchclass [HTTP::uri] contains exampleClass]}{log local0. "Using uri-match pool - [HTTP::uri]"pool pool-uri-match} else…
-
Persistence aFlex based on UIE from real server
Posted by aanchev This script was written for a home grown web application that sets a UIE when a client establishes a connection to the server. If a client has no UIE, it is load balanced normally. If the client has a UIE, the script provides stickiness to the server the client received it from. when HTTP_REQUEST { set…
-
Health monitor timing
Posted by shakedown1979 Background: I have several Apache hosts (~60) on a single instance -- all of which need basic http/https monitors. I have matched the interval/retry/timeout values close to what our previous load balancers used. Here is an example of one of the new monitors: health monitor M-HTTP interval 10 retry 1…
-
Custom Roles and Radius
Posted by jgreen When using preconfigured roles in radius, a vendor assigned attribute of 2, and a decimal value of 1-12 it works; however, when I create a custom role what value should be used for the attribute format and value?
-
RAM Cache Security
Posted by patricko0317 A question has arisen as to the security of the RAM Cache. Some of the objects we are caching containg personal, private information. We need to make sure that the RAM Cache is secure and that this data cannot be accessed inadvertently or maliciously.
-
The Official World IPv6 Day Thread
Posted by pnicholcon Any thoughts, observations or comments on World IPv6 Day? We'd love to hear them. Post away.
-
aFlex to Selectively Insert /owa for Exchange 2010
Posted by kberton A10's Deployment Guide for Exchange 2010 provides the following aflex script to insert /owa into the path of any request where it doesn't already exist. However, this seems to break the Exchange Control Panel (ECP) which is accessed under /ecp. Any advice on editing this script to accommodate requests to…
-
aFlex to Change URI Case in a certain location
Posted by TODDH We have a very simple aflex that we currently us to convert the entire uri to lower case: when HTTP_REQUEST { HTTP::uri [string tolower [HTTP::uri] ] } We need to modify that aflex so that it only executes the “tolower” to a portion of the uri. The portion of the uri that we need to convert to lower case is…
-
ICMP6 Type 2 (packet too big) messages ignored?
Posted by kirbini I've been told, and and am trying to confirm (here and through testing) that the AX series (all of them) do not honor IPv6 ICMP Type 2 messages. These messages indicate that fragmentation is needed but when we use the AX1000 as an IPv6 VIP in front of an IPv4 server group the AX does not properly fragment…
-
How to respond with a 301 permanent redirect?
Posted by TODDH Guys, Do we have any way of responding with a 301 (permanent redirect)? I need a way to inform the search engines that my customers location is permanently moved. Thanks, -Todd-
-
xAPI getstatus- PHP
Posted by JackofallTrades Below is a sample of code for accessing the xAPI via PHP. I am using xPath and pear HTTP/REQUEST2. I am not a coder so ignore my slop. First I define the login information and the xAPI path. The code snippet is ax_main.php Code: <?php//pear install HTTP_Request2require 'HTTP/Request2.php';//define…
-
Persistence Across VIPs
Posted by jpearcy I have persistence working with no issue one most of our VIPs. The problem we are running into right now is that one of our apps makes calls between two VIPs. We need to keep persistence between those two VIPs. The kicker here is we are already using an aflex script on one of the VIPs SSL port so we have…
-
How to use " in my output?
Posted by tcp-me Sorry for the newbie questions, but how do I print “ in my output? For example when LB_FAILED { HTTP::respond 200 content "<html><head><title>Apology Page</title></head><body>We are sorry, but the site you are looking for is temporarily out of service<br></body></html>" But if I put in a link, it requires…
-
Switch sites to insert cookie
Posted by tcp-me I'm wondering if anyone has a good idea on how to do this. My company's site is say... abc.com My customers who use our service get customer1.abc.com. We've been inserting our cookie for abc.com to track usage and session. Now my customers want survey.customer1.com to be the domain, but they'll resolve the…
-
Server selection based on URI
Posted by ddesmidt One of our customers had a special request and I want to share it with you so you can enjoy our solution if you have similar needs They have 20 servers named S1 to S20. In the URL they give to their customers, each unique URL has to go to a specific server. Example: www.xyz.com/work/S2/etc/index.html.…
-
Adding "HttpOnly" to Cookie
Posted by mischa If you need to add "HttpOnly" to a cookie: Code: when HTTP_RESPONSE {if { [HTTP::header exists "Set-Cookie"] } {set cookie_value [HTTP::cookie "TestCookie"]HTTP::cookie remove "TestCookie"HTTP::header insert "Set-Cookie" "TestCookie=$cookie_value; HttpOnly"}} I found that this works very well.
-
Logging traffic flows in syslog
Posted by mike_larue@agilent.com We are looking for a way to log traffic flows in syslog so that we can get a clear picture of the client IP/VIP and SNAT/Server IP binding. We woudl like to see: timestamp; client IP; VIP; SNAT IP; Real Server for each flow that is created. Do you have the aFlex code available for this?…
-
prevent Src IP Persistence to sorry server
Posted by kberton Attempting to create an aFlex that will set Src IP Persistence for all servers in a service group *except* for one server which is being used as a sorry server. I am setting priorities in the service group for each service and default behavior of AX is to apply the same persistence template to all member…
-
Select group based on AX system date
Posted by kyang A customer wanted his AX to direct the traffic by AX system time. Example: direct the traffic by AX date number,if the number is even then direct the traffic to sg-even,else to sg-odd. Here is how: Code: ------------------------------------- when CLIENT_ACCEPTED { set curdate [TIME::clock seconds] set…
-
Skipping Large Content Size for HTTP Collect?
Posted by TODDH How would I add an if / else to check for HTTP content-length and only perform collect when the size is smaller than 1MB / 1.2MB? when HTTP_RESPONSE { HTTP::collect } when HTTP_RESPONSE_DATA { set clen [HTTP::payload length] regsub -all "elm" [HTTP::payload] "elm" secureurls HTTP::payload replace 0 $clen…
-
Template settings, chasing the enabled value..
Posted by SvenA Hi, I am somewhat lost in the server/server port template wilderness. Any guidance would be greatly appreciated. I am trying to figure out which setting overrides the other on a server / server port. Let's try a simple example: I have a pool of servers all serving content on server port 80. I am controlling…
