HTTP Services

This section contains relatively simple examples of declarations that create HTTP and/or HTTP services.

Use the index on the right to locate specific examples.

1: HTTP with custom persistence

In this example, we create a simple HTTP service, which uses the AS3 pointer use to declare a custom persistence profile.

This example creates the following objects on the BIG-IP:

  • Partition (tenant) named Sample_http_01.

  • An HTTP virtual server named serviceMain (called _A1 in the BIG-IP GUI).

  • A pool named web_pool containing two members using the HTTP health monitor.

  • A custom persistence profile based on cookie persistence for JSESSIONID.

    {
      "class": "AS3",
      "action": "deploy",
      "persist": true,
      "declaration": {
        "class": "ADC",
        "schemaVersion": "3.0.0",
        "id": "fghijkl7890",
        "label": "Sample 1",
        "remark": "HTTP with custom persistence",
        "Sample_http_01": {
          "class": "Tenant",
          "A1": {
            "class": "Application",
            "template": "http",
            "serviceMain": {
              "class": "Service_HTTP",
              "virtualAddresses": [
                "10.0.6.10"
              ],
              "pool": "web_pool",
              "persistenceMethods": [{
                "use": "jsessionid"
              }]
            },
            "web_pool": {
              "class": "Pool",
              "monitors": [
                "http"
              ],
              "members": [{
                "servicePort": 80,
                "serverAddresses": [
                  "192.0.6.10",
                  "192.0.6.11"
                ]
              }]
            },
            "jsessionid": {
              "class": "Persist",
              "persistenceMethod": "cookie",
              "cookieMethod": "hash",
              "cookieName": "JSESSIONID"
            }
          }
        }
      }
    }
    

Back to top

2: HTTP with no compression, BIG-IP TCP profile, iRule for pool

In this example, we create separate internal and external pools, and use an iRule to direct traffic based on the IP address of the client. This example creates the following objects on the BIG-IP:

  • Partition (tenant) named Sample_http_02.
  • Virtual server (HTTP) named serviceMain (called _A1 in the BIG-IP GUI).
  • A TCP profile using the mptcp-mobile-optimized parent. This bigip keyword exists in the TCP profile section schema and tells the system to look for the pathname of an existing TCP profile.
  • Two pools named dfl_pool and pvt_pool, each with 2 members monitored by the default HTTP health monitor.
  • An iRule which sends internal users to a private pool based on their IP address.
{
  "class": "AS3",
  "action": "deploy",
  "persist": true,
  "declaration": {
    "class": "ADC",
    "schemaVersion": "3.0.0",
    "id": "urn:uuid:a858e55e-bbe6-42ce-a9b9-0f4ab33e3bf7",
    "label": "Sample 2",
    "remark": "HTTP with no compression, BIG-IP tcp profile, iRule for pool",
    "constants": {
      "myNotes": "F5 suggested I timestamp declarations, so...",
      "timestamp": "2017-11-27T18:26:45Z",
      "anotherProperty": "And I can put anything I want here...",
      "someUsefulNumber": 3.14159265
    },
    "Sample_http_02": {
      "class": "Tenant",
      "A1": {
        "class": "Application",
        "template": "http",
        "serviceMain": {
          "class": "Service_HTTP",
          "virtualAddresses": [
            "10.0.3.10"
          ],
          "pool": "dfl_pool",
          "profileHTTPCompression": "basic",
          "iRules": [
            "choose_pool"
          ],
          "profileTCP": {
            "bigip": "/Common/mptcp-mobile-optimized"
          }
        },
        "dfl_pool": {
          "class": "Pool",
          "monitors": [
            "http"
          ],
          "members": [{
            "servicePort": 80,
            "serverAddresses": [
              "192.0.3.10",
              "192.0.3.11"
            ]
          }]
        },
        "pvt_pool": {
          "class": "Pool",
          "monitors": [
            "http"
          ],
          "members": [{
            "servicePort": 80,
            "serverAddresses": [
              "192.0.3.20",
              "192.0.3.21"
            ]
          }]
        },
        "choose_pool": {
          "class": "iRule",
          "remark": "choose private pool based on IP",
          "iRule": "when CLIENT_ACCEPTED {\nif {[IP::client_addr] starts_with \"10.\"} {\n pool `*pvt_pool`\n }\n}"
        }
      }
    }
  }
}

Back to top

3: HTTP with additional virtual service for corporate clients

This example creates the following objects on the BIG-IP:

  • Partition (tenant) named Sample_http_03.
  • Two HTTP virtual servers named serviceMain (called _A1 in the BIG-IP GUI) and pvt_vs.
  • A pool named web_pool containing two members using the HTTP health monitor. Both virtual servers reference this pool.
  • A custom persistence profile based on cookie persistence for JSESSIONID.
{
  "class": "AS3",
  "action": "deploy",
  "persist": true,
  "declaration": {
    "class": "ADC",
    "schemaVersion": "3.0.0",
    "id": "urn:uuid:76f06c5a-b673-430d-8df4-d817cb3b9f3c",
    "label": "Sample 3",
    "remark": "HTTP with extra corp-only virtual",
    "controls": {
      "trace": true
    },
    "Sample_http_03": {
      "class": "Tenant",
      "A1": {
        "class": "Application",
        "template": "http",
        "serviceMain": {
          "class": "Service_HTTP",
          "virtualAddresses": [
            "10.0.7.10"
          ],
          "pool": "web_pool",
          "persistenceMethods": [{
            "use": "jsessionid"
          }]
        },
        "pvt_vs": {
          "class": "Service_HTTP",
          "remark": "Serves corporate LAN clients only",
          "virtualAddresses": [
            [
              "10.1.7.10",
              "10.0.0.0/8"
            ]
          ],
          "snat": "auto",
          "pool": "web_pool"
        },
        "web_pool": {
          "class": "Pool",
          "monitors": [
            "http"
          ],
          "members": [{
            "servicePort": 80,
            "serverAddresses": [
              "192.0.7.10",
              "192.0.7.11"
            ]
          }]
        },
        "jsessionid": {
          "class": "Persist",
          "persistenceMethod": "cookie",
          "cookieMethod": "hash",
          "cookieName": "JSESSIONID"
        }
      }
    }
  }
}

Back to top

4: HTTP and HTTPS virtual services in one declaration

This example creates the following objects on the BIG-IP:

  • Partition (tenant) named Sample_http_04.
  • An HTTP virtual server named serviceMain (called _A1 in the BIG-IP GUI) and an HTTPS virtual server named A2.
  • A pool named gce_pool and a pool named web_pool, each containing two members using the HTTP health monitor.
  • TLS/SSL profile (including certificate and private key) named TLS_Server. In the BIG-IP UI, this is a Client SSL profile.
{
  "class": "AS3",
  "action": "deploy",
  "persist": true,
  "declaration": {
    "class": "ADC",
    "schemaVersion": "3.0.0",
    "id": "lmnop543421",
    "label": "Sample 4",
    "remark": "An HTTP and an HTTPS application",
    "controls": {
      "trace": true
    },
    "Sample_http_04": {
      "class": "Tenant",
      "A1": {
        "class": "Application",
        "template": "http",
        "serviceMain": {
          "class": "Service_HTTP",
          "virtualAddresses": [
            "10.0.9.10"
          ],
          "pool": "gce_pool"
        },
        "gce_pool": {
          "class": "Pool",
          "monitors": [
            "http"
          ],
          "members": [{
            "servicePort": 80,
            "serverAddresses": [
              "192.0.7.10",
              "192.0.7.11"
            ]
          }]
        }
      },
      "A2": {
        "class": "Application",
        "template": "https",
        "serviceMain": {
          "class": "Service_HTTPS",
          "virtualAddresses": [
            "10.0.9.20"
          ],
          "pool": "web_pool",
          "serverTLS": "webtls"
        },
        "web_pool": {
          "class": "Pool",
          "monitors": [
            "http"
          ],
          "members": [{
            "servicePort": 80,
            "serverAddresses": [
              "192.0.9.10",
              "192.0.9.11"
            ]
          }]
        },
        "webtls": {
          "class": "TLS_Server",
          "certificates": [{
            "certificate": "webcert"
          }]
        },
        "webcert": {
          "class": "Certificate",
          "remark": "in practice we recommend using a passphrase",
          "certificate": "-----BEGIN CERTIFICATE-----\nMIICnDCCAgWgAwIBAgIJAJ5n2b0OCEjwMA0GCSqGSIb3DQEBCwUAMGcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRQwEgYDVQQKDAtmNV9OZXR3b3JrczEbMBkGA1UEAwwSc2FtcGxlLmV4YW1wbGUubmV0MB4XDTE3MTEyNjE5NTAyNFoXDTE4MDIyNTE5NTAyNFowZzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFDASBgNVBAoMC2Y1X05ldHdvcmtzMRswGQYDVQQDDBJzYW1wbGUuZXhhbXBsZS5uZXQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALEsuXmSXVQpYjrZPW+WiTBjn491mwZYT7Q92V1HlSBtM6WdWlK1aZN5sovfKtOX7Yrm8xa+e4o/zJ2QYLyyv5O+t2EGN/4qUEjEAPY9mwJdfzRQy6Hyzm84J0QkTuUJ/EjNuPji3D0QJRALUTzu1UqqDCEtiN9OGyXEkh7uvb7BAgMBAAGjUDBOMB0GA1UdDgQWBBSVHPNrGWrjWyZvckQxFYWO59FRFjAfBgNVHSMEGDAWgBSVHPNrGWrjWyZvckQxFYWO59FRFjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4GBAJeJ9SEckEwPhkXOm+IuqfbUS/RcziifBCTmVyE+Fa/j9pKSYTgiEBNdbJeBEa+gPMlQtbV7Y2dy8TKx/8axVBHiXC5geDML7caxOrAyHYBpnx690xJTh5OIORBBM/a/NvaR+P3CoVebr/NPRh9oRNxnntnqvqD7SW0U3ZPe3tJc\n-----END CERTIFICATE-----",
          "privateKey": "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: AES-256-CBC,D8FFCE6B255601587CB54EC29B737D31\n\nkv4Fc3Jn0Ujkj0yRjt+gQQfBLSNF2aRLUENXnlr7Xpzqu0Ahr3jS1bAAnd8IWnsR\nyILqVmKsYF2DoHh0tWiEAQ7/y/fe5DTFhK7N4Wml6kp2yVMkP6KC4ssyYPw27kjK\nDBwBZ5O8Ioej08A5sgsLCmglbmtSPHJUn14pQnMTmLOpEtOsu6S+2ibPgSNpdg0b\nCAJNG/KHe+Vkx59qNDyDeKb7FZOlsX30+y67zUq9GQqJEDuysPJ2BUNP0IJXAjst\nFIt1qNoZew+5KDYs7u/lPxcMGTirUhgI84Jy4WcDvSOsP/tKlxj04TbIE3epmSKy\n+TihHkwY7ngIGtcm3Sfqk5jz2RXoj1/Ac3SW8kVTYaOUogBhn7zAq4Wju6Et4hQG\nRGapsJp1aCeZ/a4RCDTxspcKoMaRa97/URQb0hBRGx3DGUhzpmX9zl7JI2Xa5D3R\nmdBXtjLKYJTdIMdd27prBEKhMUpae2rz5Mw4J907wZeBq/wu+zp8LAnecfTe2nGY\nE32x1U7gSEdYOGqnwxsOexb1jKgCa67Nw9TmcMPV8zmH7R9qdvgxAbAtwBl1F9OS\nfcGaC7epf1AjJLtaX7krWmzgASHl28Ynh9lmGMdv+5QYMZvKG0LOg/n3m8uJ6sKy\nIzzvaJswwn0j5P5+czyoV5CvvdCfKnNb+3jUEN8I0PPwjBGKr4B1ojwhogTM248V\nHR69D6TxFVMfGpyJhCPkbGEGbpEpcffpgKuC/mEtMqyDQXJNaV5HO6HgAJ9F1P6v\n5ehHHTMRvzCCFiwndHdlMXUjqSNjww6me6dr6LiAPbejdzhL2vWx1YqebOcwQx3G\n-----END RSA PRIVATE KEY-----",
          "passphrase": {
            "ciphertext": "ZjVmNQ==",
            "protected": "eyJhbGciOiJkaXIiLCJlbmMiOiJub25lIn0"
          }
        }
      }
    }
  }
}

Back to top

5: Two applications sharing a pool

In this example, we show a declaration that creates two applications that use the same load balancing pool. In this scenario, one of our virtual servers is for HTTP (port 80) traffic and one for HTTPS (port 443) traffic.

It creates the following objects on the BIG-IP:

  • Partition (tenant) named Sample_http_05.
  • Three virtual servers, one HTTP and one HTTPS. The names are _A1, _A2, and a _A2-Redirect (created by default to redirect port 80 traffic to 443).
  • TLS/SSL profile (including certificate and private key) named TLS_Server. In the BIG-IP UI, this is a Client SSL profile.
  • Pool named dual_pool with 2 members monitored by the default HTTP health monitor. Both virtual servers reference this same pool.
{
  "class": "AS3",
  "action": "deploy",
  "persist": true,
  "declaration": {
    "class": "ADC",
    "schemaVersion": "3.0.0",
    "id": "zyxwu8675309",
    "label": "Sample 5",
    "remark": "Two applications sharing a pool",
    "Sample_http_05": {
      "class": "Tenant",
      "Shared": {
        "class": "Application",
        "template": "shared",
        "dual_pool": {
          "class": "Pool",
          "monitors": [
            "http"
          ],
          "members": [{
            "servicePort": 80,
            "serverAddresses": [
              "192.0.10.10",
              "192.0.10.11"
            ]
          }]
        }
      },
      "A1": {
        "class": "Application",
        "template": "http",
        "serviceMain": {
          "class": "Service_HTTP",
          "virtualAddresses": [
            "10.0.10.10"
          ],
          "pool": "/Sample_05/Shared/dual_pool"
        }
      },
      "A2": {
        "class": "Application",
        "template": "https",
        "serviceMain": {
          "class": "Service_HTTPS",
          "virtualAddresses": [
            "10.0.10.20"
          ],
          "pool": "/Sample_05/Shared/dual_pool",
          "serverTLS": "webtls"
        },
        "webtls": {
          "class": "TLS_Server",
          "certificates": [{
            "certificate": "webcert"
          }]
        },
        "webcert": {
          "class": "Certificate",
          "remark": "in practice we recommend using a passphrase",
          "certificate": "-----BEGIN CERTIFICATE-----\nMIICnDCCAgWgAwIBAgIJAJ5n2b0OCEjwMA0GCSqGSIb3DQEBCwUAMGcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRQwEgYDVQQKDAtmNV9OZXR3b3JrczEbMBkGA1UEAwwSc2FtcGxlLmV4YW1wbGUubmV0MB4XDTE3MTEyNjE5NTAyNFoXDTE4MDIyNTE5NTAyNFowZzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFDASBgNVBAoMC2Y1X05ldHdvcmtzMRswGQYDVQQDDBJzYW1wbGUuZXhhbXBsZS5uZXQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALEsuXmSXVQpYjrZPW+WiTBjn491mwZYT7Q92V1HlSBtM6WdWlK1aZN5sovfKtOX7Yrm8xa+e4o/zJ2QYLyyv5O+t2EGN/4qUEjEAPY9mwJdfzRQy6Hyzm84J0QkTuUJ/EjNuPji3D0QJRALUTzu1UqqDCEtiN9OGyXEkh7uvb7BAgMBAAGjUDBOMB0GA1UdDgQWBBSVHPNrGWrjWyZvckQxFYWO59FRFjAfBgNVHSMEGDAWgBSVHPNrGWrjWyZvckQxFYWO59FRFjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4GBAJeJ9SEckEwPhkXOm+IuqfbUS/RcziifBCTmVyE+Fa/j9pKSYTgiEBNdbJeBEa+gPMlQtbV7Y2dy8TKx/8axVBHiXC5geDML7caxOrAyHYBpnx690xJTh5OIORBBM/a/NvaR+P3CoVebr/NPRh9oRNxnntnqvqD7SW0U3ZPe3tJc\n-----END CERTIFICATE-----",
          "privateKey": "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: AES-256-CBC,D8FFCE6B255601587CB54EC29B737D31\n\nkv4Fc3Jn0Ujkj0yRjt+gQQfBLSNF2aRLUENXnlr7Xpzqu0Ahr3jS1bAAnd8IWnsR\nyILqVmKsYF2DoHh0tWiEAQ7/y/fe5DTFhK7N4Wml6kp2yVMkP6KC4ssyYPw27kjK\nDBwBZ5O8Ioej08A5sgsLCmglbmtSPHJUn14pQnMTmLOpEtOsu6S+2ibPgSNpdg0b\nCAJNG/KHe+Vkx59qNDyDeKb7FZOlsX30+y67zUq9GQqJEDuysPJ2BUNP0IJXAjst\nFIt1qNoZew+5KDYs7u/lPxcMGTirUhgI84Jy4WcDvSOsP/tKlxj04TbIE3epmSKy\n+TihHkwY7ngIGtcm3Sfqk5jz2RXoj1/Ac3SW8kVTYaOUogBhn7zAq4Wju6Et4hQG\nRGapsJp1aCeZ/a4RCDTxspcKoMaRa97/URQb0hBRGx3DGUhzpmX9zl7JI2Xa5D3R\nmdBXtjLKYJTdIMdd27prBEKhMUpae2rz5Mw4J907wZeBq/wu+zp8LAnecfTe2nGY\nE32x1U7gSEdYOGqnwxsOexb1jKgCa67Nw9TmcMPV8zmH7R9qdvgxAbAtwBl1F9OS\nfcGaC7epf1AjJLtaX7krWmzgASHl28Ynh9lmGMdv+5QYMZvKG0LOg/n3m8uJ6sKy\nIzzvaJswwn0j5P5+czyoV5CvvdCfKnNb+3jUEN8I0PPwjBGKr4B1ojwhogTM248V\nHR69D6TxFVMfGpyJhCPkbGEGbpEpcffpgKuC/mEtMqyDQXJNaV5HO6HgAJ9F1P6v\n5ehHHTMRvzCCFiwndHdlMXUjqSNjww6me6dr6LiAPbejdzhL2vWx1YqebOcwQx3G\n-----END RSA PRIVATE KEY-----",
          "passphrase": {
            "ciphertext": "ZjVmNQ==",
            "protected": "eyJhbGciOiJkaXIiLCJlbmMiOiJub25lIn0"
          }
        }
      }
    }
  }
}

Back to top


6: One tenant with three applications

This example attempts to clarify the naming conventions used by AS3 when it comes to applications and using the name serviceMain with the required property template. When creating an application service (virtual server on the BIG-IP) in a tenant using AS3, and using one of the templates (http, https, tcp, udp, l4) that is not generic or shared, the application service name MUST be serviceMain. AS3 assigns some default profiles to the serviceMain service that match the template type you specified (such as a default HTTP profile to the service using template HTTP).

If you want to name your service something other than serviceMain, use “template”: “generic” in the application service portion of your declaration. You can still use the class property in the application service to specify Service_HTTP or Service_TCP for example, but for each application service in a tenant that uses one of the templates (http, https, tcp, udp, l4), you must use the name serviceMain for your application service.

This declaration creates the following objects on the BIG-IP:

  • Partition (tenant) named Sample_http_06.
  • Virtual servers named serviceMain, AnyName, and AnotherName.
  • A pool named web_pool used by serviceMain and a pool named web_pool2 used by AnyName, both monitored by the default http health monitor.
  • A pool named web_pool3 used by AnotherName monitored by the default tcp monitor.
{
    "class": "AS3",
    "action": "deploy",
    "persist": true,
    "declaration": {
       "class": "ADC",
       "schemaVersion": "3.0.0",
       "id": "fghijkl7890",
       "label": "Sample 6",
       "remark": "HTTP two applications",
       "Sample_http_06": {
          "class": "Tenant",
          "A1": {
             "class": "Application",
             "template": "http",
             "serviceMain": {
                "class": "Service_HTTP",
                "virtualAddresses": [
                   "10.0.6.100"
                ],
                "pool": "web_pool"
             },
             "web_pool": {
                "class": "Pool",
                "monitors": [
                   "http"
                ],
                "members": [{
                   "servicePort": 80,
                   "serverAddresses": [
                      "192.0.6.10",
                      "192.0.6.11"
                   ]
                }]
             }
          },
          "A2": {
             "class": "Application",
             "template": "generic",
             "AnyName": {
                "class": "Service_HTTP",
                "virtualAddresses": [
                   "10.0.6.111"
                ],
                "pool": "web_pool2",
                "virtualPort": 80
             },
             "web_pool2": {
                "class": "Pool",
                "monitors": [
                   "http"
                ],
                "members": [{
                   "servicePort": 80,
                   "serverAddresses": [
                      "192.0.6.111",
                      "192.0.6.121"
                   ]
                }]
             }
          },
          "A3": {
            "class": "Application",
            "template": "generic",
            "AnotherName": {
               "class": "Service_TCP",
               "virtualAddresses": [
                  "10.0.6.14"
               ],
               "pool": "web_pool3",
               "virtualPort": 80
            },
            "web_pool3": {
               "class": "Pool",
               "monitors": [
                  "tcp"
               ],
               "members": [{
                  "servicePort": 21,
                  "serverAddresses": [
                     "192.0.6.141",
                     "192.0.6.142"
                  ]
               }]
            }
         }
       }
    }
}
  

Back to top

6a: Single application with multiple services

This example attempts to further clarify the serviceMain naming requirement. There are two main things to keep in mind when using one of the templates (http, https, tcp, udp, l4) that is not generic or shared:

  • If you have a single application with multiple services (virtual servers), only the first service must be named serviceMain.
  • If you have many applications each with a single service, then each service must be named serviceMain.

This example shows a single application with multiple services. The first one is named serviceMain to meet the requirement, the next one is named anotherVirtualName.

This declaration creates the following objects on the BIG-IP:

  • Partition (tenant) named Sample_http_06a.
  • An application named MyWebApp1.
  • Virtual servers named serviceMain and anotherVirtualName.
  • A pool named MyWebPool1 used by serviceMain and a pool named MyWebPool2 used by anotherVirtualName.
{
    "class": "ADC",
    "schemaVersion": "3.0.0",
    "id": "example2vs",
    "Sample_http_06a": {
      "class": "Tenant",
      "MyWebApp1": {
        "class": "Application",
        "template": "http",
        "serviceMain": {
          "class": "Service_HTTP",
          "virtualAddresses": [
            "10.0.100.35"
          ],
          "pool": "MyWebPool1",
          "persistenceMethods": []
        },
        "anotherVirtualName": {
          "class": "Service_TCP",
          "virtualAddresses": [
            "10.0.0.1"
          ],
          "virtualPort": 1344,
          "pool": "MyWebPool2",
          "profileTCP": { "bigip": "/Common/tcp" }
        },
        "MyWebPool1": {
          "class": "Pool",
          "members": [
            {
              "servicePort": 80,
              "serverAddresses": [
                "10.0.2.20",
                "10.0.2.21"
              ]
            }
          ]
        },
        "MyWebPool2": {
            "class": "Pool",
            "members": [
              {
                "servicePort": 1344,
                "serverAddresses": [
                  "10.0.2.20",
                  "10.0.2.21"
                ]
              }
            ]
          }
      }
    }
  }
  

Back to top

7: Virtual server listening on multiple ports on the same address

This example shows how you can compose a declaration with services using the same virtual IP address, but using multiple ports.

This declaration creates the following objects on the BIG-IP:

  • Partition (tenant) named Sample_http_07.
  • Three virtual servers: serviceMain, service_on_port81, and service_on_port82, all using the same IP address (10.1.10.10), but listening on different ports.
  • Three pools: web_pool80, web_pool81, and web_pool82, all monitored by the default http health monitor.
{
    "class": "ADC",
    "schemaVersion": "3.2.0",
    "id": "8675309",
    "Sample_http_07": {
        "class": "Tenant",
        "A1": {
            "class": "Application",
            "template": "http",
            "serviceMain": {
                "class": "Service_HTTP",
                "remark": "Defaults to port 80",
                "virtualAddresses": [ "10.1.10.10" ],
                "pool": "web_pool80"},
                "web_pool80": {
                    "class": "Pool",
                    "monitors": [
                        "http"
                    ],
                    "members": [
                        {
                            "servicePort": 80,
                            "serverAddresses": [
                                "10.128.0.209"
                            ]
                        }
                    ]
                },
            "service_on_port81": {
                "class": "Service_HTTP",
                "remark": "Accepts HTTP connections on port 81",
                "virtualPort": 81,
                "virtualAddresses": [ "10.1.10.10" ],
                "pool": "web_pool81"},
                "web_pool81": {
                              "class": "Pool",
                    "monitors": [
                        "http"
                    ],
                    "members": [
                              {
                            "servicePort": 81,
                             "serverAddresses": [
                                "10.128.0.210"
                            ]
                              }
                    ]
                },
            "service_on_port82": {
                "class": "Service_HTTP",
                "remark": "Accepts HTTP connections on port 82",
                "virtualAddresses": [ "10.1.10.10" ],
                "virtualPort": 82,
                "pool": "web_pool82"},
                 "web_pool82": {
                    "class": "Pool",
                    "monitors": [
                        "http"
                    ],
                    "members": [
                        {
                            "servicePort": 82,
                           "serverAddresses": [
                                "10.128.0.211"
                            ]
                        }
                    ]
                 }
        }
    }
}

Back to top

8: Using a Local Traffic Policy to forward HTTP Requests

This example uses a BIG-IP Local Traffic Policy with URL Routing that forwards any HTTP requests that have a path containing example.com to the pool web_pool. For more information, see Local Traffic Policy in the BIG-IP documentation. For usage, see Endpoint_Policy in Schema Reference.

This declaration creates the following objects on the BIG-IP:

  • Partition (tenant) named Sample_http_08.
  • A virtual server named serviceMain.
  • A pool named web_pool monitored by the default http health monitor.
  • A BIG-IP Local Traffic Policy with a rule that forwards any request for example.com to the web_pool.
{
  "class": "ADC",
  "schemaVersion": "3.2.0",
  "id": "ltm_policy",
  "label": "",
  "remark": "Simple HTTP application with LTM policy",
  "Sample_http_08": {
    "class": "Tenant",
    "A1": {
      "class": "Application",
      "template": "http",
      "serviceMain": {
        "class": "Service_HTTP",
        "virtualAddresses": [
          "10.0.1.10"
        ],
        "policyEndpoint": "forward_policy"
      },
      "web_pool": {
        "class": "Pool",
        "monitors": [
          "http"
        ],
        "members": [{
          "servicePort": 80,
          "serverAddresses": [
            "192.0.2.10",
            "192.0.2.11"
          ]
        }]
      },
      "forward_policy": {
        "class": "Endpoint_Policy",
        "rules": [{
          "name": "forward_to_pool",
          "conditions": [{
            "type": "httpUri",
            "path": {
              "operand": "contains",
              "values": ["example.com"]
            }
          }],
          "actions": [{
            "type": "forward",
            "event": "request",
            "select": {
              "pool": {
                "use": "web_pool"
              }
            }
          }]
        }]
      }
    }
  }
}

Back to top

8: Enabling NAT64 in a declaration

This example shows how to enable NAT64 in an AS3 declaration. NAT64 maps IPv6 addresses to IPv4 destinations, and is either enabled or disabled by using nat64Enabled property using true or false values (false is the default). For more information on NAT64, see the IP Address Sharing in Large Scale Networks deployment guide; while this guide was written for older versions of the BIG-IP, the information is still valid. You can also see the Service classes in the Schema Reference, for example Service_HTTP class.

This declaration creates the following objects on the BIG-IP:

  • Partition (tenant) named example_NAT64.
  • A virtual server named serviceMain with an IPv6 address and NAT64 enabled.
  • A pool named web_pool monitored by the default http health monitor.
{
    "class": "ADC",
    "schemaVersion": "3.14.0",
    "example_NAT64": {
        "class": "Tenant",
        "App1": {
            "class": "Application",
            "template": "http",
            "serviceMain": {
                "class": "Service_HTTP",
                "virtualAddresses": [
                    "9161:7904:7539:6023:5c73:2b27:50c6:46ce"
                ],
                "pool": "web_pool",
                "nat64Enabled": true
            },
            "web_pool": {
                "class": "Pool",
                "monitors": [
                    "http"
                ],
                "members": [
                    {
                        "servicePort": 80,
                        "serverAddresses": [
                            "192.0.1.10",
                            "192.0.1.11"
                        ]
                    }
                ]
            }
        }
    }
}

Back to top