|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
| |
04-26-2007
| #1 (permalink) |
| | Problems with NLB (F5 BIG-IP) Heya; I have an IIS/http WCF service that uses transport security and username/password authentication. All is well on a single box, but for scalability we want to but an NLB into the mix. Specifically, we have an existing F5 BIG-IP. The F5 seems determined to end the SSL at itself, and talk http to the inner server(s), but of course WCF is demanding https. Now to my mind an NLB is an essential part of any non-trivial farm, so I'm sure I must be doing something daft if WCF doesn't like it... Any ideas what I can do here? The link between the F5 and the inner farm is secure, so I'd be fine using either http or https inside - but the problem is either convincing F5 to talk SSL, or WCF to accept the inbound over http. Any input hugely appreciated, Marc |
My System Specs |
|
04-27-2007
| #2 (permalink) |
| | Re: Problems with NLB (F5 BIG-IP) Made some progress on this; IIS was having difficulty as the box hosts multiple sites; couldn't code the base address in web.config as F5 will contact each box separately, and the web.config is replicated. Instead, answer appears to be to write a ServiceHostFactory that filters the addresses accordingly and specify via the svc file. Fingers crossed... Marc |
| My System Specs |
|
05-17-2007
| #3 (permalink) |
| | Re: Problems with NLB (F5 BIG-IP) Marc, Were you able to resolve the integration issues with BIG-IP and WCF? I will eventually have to host my service behind a F5 NLB with SSL. The few posts I've read seem to indicate that this scenario cannot be accomplished by simply tweaking the web.config. Thanks Scott "Marc Gravell" <marc.gravell@gmail.com> wrote in message news:%23oDVPkKiHHA.4624@TK2MSFTNGP04.phx.gbl... > Made some progress on this; IIS was having difficulty as the box hosts > multiple sites; couldn't code the base address in web.config as F5 will > contact each box separately, and the web.config is replicated. Instead, > answer appears to be to write a ServiceHostFactory that filters the > addresses accordingly and specify via the svc file. > > Fingers crossed... > > Marc > |
| My System Specs |
|
05-21-2007
| #4 (permalink) |
| | Re: Problems with NLB (F5 BIG-IP) Yes; originally the problem was that F5 wasn't re-encrypting to talk to WCF - however you can configure this at the F5 (for convenience, I used the same certificate for the F5 as the actual IIS servers, so that if F5 is offline for maintenance I can simply re-point at the IIS farm and the certificates will still match). My second problem was pure IIS; my production server was (predictably) hosting multiple sites, and WCF was unable to resolve which one; to fix this I re-configured WCF to disregard all HTTP addresses, leaving just SSL (which only arrives on the primary IP), by using a custom ServiceHostFactory (only a handful of lines). I now have an IIS farm behind F5 running WCF over SSL very sweetly. Marrc |
| My System Specs |
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| Big vista problems need help icon/background/graphics/personalise problems | Vista performance & maintenance | |||
| laptop start up problems and problems in general | General Discussion | |||
| Problems starting command prompt on cygwin on vista ultimate, problems not had on Win2k3SP2 | Vista General | |||
| 2 different vista problems. Memory dump crash and startup repair cannot fix problems | Vista General | |||
| Downgrading from 64bit Vista to 32bit, Media Center problems, web page printing problems | Vista installation & setup | |||
