|
 |  |  |  |  |  |  |
Welcome to Vista Forums we are your forum to discuss Windows Vista x64 and x86 systems. Whether you need help or just want to post an idea you have on Vista, this is the forum for you.
 |
| |||||||
| | Thread Tools | Display Modes |
04-26-2007
| #1 (permalink) |
| Guest | Problems with NLB (F5 BIG-IP) Heya; I have an IIS/http WCF service that uses transport security and username/password authentication. All is well on a single box, but for scalability we want to but an NLB into the mix. Specifically, we have an existing F5 BIG-IP. The F5 seems determined to end the SSL at itself, and talk http to the inner server(s), but of course WCF is demanding https. Now to my mind an NLB is an essential part of any non-trivial farm, so I'm sure I must be doing something daft if WCF doesn't like it... Any ideas what I can do here? The link between the F5 and the inner farm is secure, so I'd be fine using either http or https inside - but the problem is either convincing F5 to talk SSL, or WCF to accept the inbound over http. Any input hugely appreciated, Marc |
|
04-27-2007
| #2 (permalink) |
| Guest | Re: Problems with NLB (F5 BIG-IP) Made some progress on this; IIS was having difficulty as the box hosts multiple sites; couldn't code the base address in web.config as F5 will contact each box separately, and the web.config is replicated. Instead, answer appears to be to write a ServiceHostFactory that filters the addresses accordingly and specify via the svc file. Fingers crossed... Marc |
|
05-17-2007
| #3 (permalink) |
| Guest | Re: Problems with NLB (F5 BIG-IP) Marc, Were you able to resolve the integration issues with BIG-IP and WCF? I will eventually have to host my service behind a F5 NLB with SSL. The few posts I've read seem to indicate that this scenario cannot be accomplished by simply tweaking the web.config. Thanks Scott "Marc Gravell" <marc.gravell@gmail.com> wrote in message news:%23oDVPkKiHHA.4624@TK2MSFTNGP04.phx.gbl... > Made some progress on this; IIS was having difficulty as the box hosts > multiple sites; couldn't code the base address in web.config as F5 will > contact each box separately, and the web.config is replicated. Instead, > answer appears to be to write a ServiceHostFactory that filters the > addresses accordingly and specify via the svc file. > > Fingers crossed... > > Marc > |
|
05-21-2007
| #4 (permalink) |
| Guest | Re: Problems with NLB (F5 BIG-IP) Yes; originally the problem was that F5 wasn't re-encrypting to talk to WCF - however you can configure this at the F5 (for convenience, I used the same certificate for the F5 as the actual IIS servers, so that if F5 is offline for maintenance I can simply re-point at the IIS farm and the certificates will still match). My second problem was pure IIS; my production server was (predictably) hosting multiple sites, and WCF was unable to resolve which one; to fix this I re-configured WCF to disregard all HTTP addresses, leaving just SSL (which only arrives on the primary IP), by using a custom ServiceHostFactory (only a handful of lines). I now have an IIS farm behind F5 running WCF over SSL very sweetly. Marrc |
| |
| |
| Thread Tools | |
| Display Modes | |
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| VPC problems over AMD. Internet problems: bad request, error 400 | Jay | Virtual PC | 6 | 3 Weeks Ago 07:21 PM |
| 2 different vista problems. Memory dump crash and startup repair cannot fix problems | Hiera | Vista General | 4 | 06-28-2008 02:36 AM |
| Shrink problems/partition problems HELP | TedT | Vista performance & maintenance | 0 | 06-21-2008 02:46 AM |
| Downgrading from 64bit Vista to 32bit, Media Center problems, web page printing problems | Chris Lane | Vista installation & setup | 1 | 10-13-2007 05:58 AM |
Linear Mode
