From cad5da1f4f7e6f65b7b40f32f59718a4f5c45cd5 Mon Sep 17 00:00:00 2001 From: "Paul C. Buetow (mars.fritz.box)" Date: Fri, 16 May 2014 20:02:32 +0200 Subject: New release --- README.pod | 32 +++++++++++++++++++++++++++++--- 1 file changed, 29 insertions(+), 3 deletions(-) (limited to 'README.pod') diff --git a/README.pod b/README.pod index b5cfa9b..163b025 100644 --- a/README.pod +++ b/README.pod @@ -140,13 +140,39 @@ And everything can be deleted as folows: fapi node fooserver1.example.com delete fapi node fooserver2.example.com delete -=head2 Setting up simple NAT Services +=head2 Setting up simple HTTP NAT Services - (Docu to be written) +A simple HTTP NATed service can be created as follows. + + # Create a NATed HTTP vserver + # fapi auto resolves the IP address. + fapi vserver myvserver.example.com:80 create PROTOCOL_TCP /Common/http + + # Add the pool to the vserver. + fapi vserver myvserver.example.com:80 set pool foopool + + # Add a NATed HTTPS vserver + fapi vserver myvserver.example.com:443 create PROTOCOL_TCP /Common/http + fapi vserver myvserver.example.com:443 set pool foopool + + # Restrict the vserver to a specific VLAN (IMPORTANT! security + # hole otherwise!) + fapi vserver myvserver.example.com:443 set vlan VLANNAME + + # Put the VirtualAddress of the vserver into a specific traffic group + fapi vip myserver.example.com set tgroup some-traffic-group + +In order to make this work your application servers need to have setup a +default route to the loadbalancers floating self IP. =head2 Setting up simple SNAT Services - (Docu to be written) +Same as setting up a NATed services, but you don't need to configure default +routes from your application servers to the loadbalancers floating self IP. + +You need also to set the SNAT flag as follows: + + fapi vserver myvserver.example.com:443 set snat automap =head2 About the NAME argument -- cgit v1.2.3 From db6eeb697243ff2ef4eff87df0b568ec8ec1b4ac Mon Sep 17 00:00:00 2001 From: "Paul C. Buetow (mars.fritz.box)" Date: Fri, 16 May 2014 20:12:07 +0200 Subject: New release --- README.pod | 30 +++--------------------------- 1 file changed, 3 insertions(+), 27 deletions(-) (limited to 'README.pod') diff --git a/README.pod b/README.pod index 163b025..225a5f6 100644 --- a/README.pod +++ b/README.pod @@ -107,22 +107,12 @@ If you want to list all configured objects on your partition just run A simple nPath service can be created as follows. - # Create a nPath HTTP vserver, 'nPath' also auto disables NAT and PAT - # fapi auto resolves the IP address. fapi vserver myvserver.example.com:80 create PROTOCOL_TCP nPath - - # Add the pool to the vserver. The vservers name inside of BigIP will be - # the FQDN followed by _PORT. In this case it would be: - # myvserver.example.com_80 (or full: /Partition/myvserver.example.com_80) - # The reason is that : are not allowed in vserver names. fapi vserver myvserver.example.com:80 set pool foopool - # Add a nPath HTTPS vserver - fapi vserver myvserver.example.com:443 create PROTOCOL_TCP nPath - fapi vserver myvserver.example.com:443 set pool foopool - - # Restrict the vserver to a specific VLAN (IMPORTANT! security + # Restrict the vservers to a specific VLAN (IMPORTANT! security # hole otherwise!) + fapi vserver myvserver.example.com:80 set vlan VLANNAME fapi vserver myvserver.example.com:443 set vlan VLANNAME # Put the VirtualAddress of the vserver into a specific traffic group @@ -144,24 +134,10 @@ And everything can be deleted as folows: A simple HTTP NATed service can be created as follows. - # Create a NATed HTTP vserver - # fapi auto resolves the IP address. fapi vserver myvserver.example.com:80 create PROTOCOL_TCP /Common/http - - # Add the pool to the vserver. + fapi vserver myvserver.example.com:80 set vlan VLANNAME fapi vserver myvserver.example.com:80 set pool foopool - # Add a NATed HTTPS vserver - fapi vserver myvserver.example.com:443 create PROTOCOL_TCP /Common/http - fapi vserver myvserver.example.com:443 set pool foopool - - # Restrict the vserver to a specific VLAN (IMPORTANT! security - # hole otherwise!) - fapi vserver myvserver.example.com:443 set vlan VLANNAME - - # Put the VirtualAddress of the vserver into a specific traffic group - fapi vip myserver.example.com set tgroup some-traffic-group - In order to make this work your application servers need to have setup a default route to the loadbalancers floating self IP. -- cgit v1.2.3 From 11907a7e5362509e3526ae1bede68c93f2e38add Mon Sep 17 00:00:00 2001 From: "Paul C. Buetow (mars.fritz.box)" Date: Fri, 16 May 2014 20:13:49 +0200 Subject: New release --- README.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'README.pod') diff --git a/README.pod b/README.pod index 225a5f6..ca50e31 100644 --- a/README.pod +++ b/README.pod @@ -148,7 +148,7 @@ routes from your application servers to the loadbalancers floating self IP. You need also to set the SNAT flag as follows: - fapi vserver myvserver.example.com:443 set snat automap + fapi vserver myvserver.example.com:80 set snat automap =head2 About the NAME argument -- cgit v1.2.3