How do I add a Virtual IP and Virtual Service?

A Virtual Service is fronted by Virtual IP, and services as the main Ingress point.

A Virtual Service can consist of a single service or a collection of services beneath the master Virtual Service. Please take a look at the images below.

In this example, we can see the Virtual Service 10.0.0.120. This virtual service comprises the main service on port 80 and two additional sub-services on ports 443 and 5400, respectively. There are three Real Servers in this example.

To add a main Virtual Service and sub-services, please do the following:

• Click Add Service
• Fill out the IP Address for the Virtual IP.
• Fill out the Subnet Mask.
• Enter the Port number for ingress.
• Select the Service Type required.
• The Real Server data row will be presented, and you should now enter your first Real Server.
• Enter any additional Real Servers by using the Copy Server function.
• The final steps are to complete the BASIC and ADVANCED tabs.
• Click on the Basic Tab.

• In the Basic tab, you will see a number of drop-down menus.
• First, you will need to choose your Load Balancing Policy. There are a number of choices available, and you must make sure you choose the one most appropriate for your requirements.

• Next, you will need to choose the type of Server Health Monitoring you need to employ. Server Health Monitoring allows the ADC to check whether your servers and applications are running properly. There are a number of pre-defined monitors available, and the ADC provides you with the ability to create custom ones to suit your needs. See the section on monitoring.
• Caching Strategy is next. The caching methods are defined in Library > Cache within the ADC’s GUI.
• Compression is the next setting and allows the ADC to compress content in memory enabling faster experiences for the users.
• Virtual Service SSL and Real Server SSL certificates are next.
  • The Virtual Service SSL is used to allocate the appropriate SSL certificate to the Virtual Service. This can consist of a single SSL certificate, or multiple using SNI.
  • The Real Server SSL certificate is used to set the SSL certificate to be used for the target load balanced server set. If multiple SSL certificates are allocated in the Virtual Service setting, then SNI must be used in this setting.
• Finally click Update to set your choices.
• Next comes the Advanced Tab

The Advanced tab contains a number of settings, and we will explain some of them here.

• Connectivity: This section explains the methods by which the ADC handles traffic coming through it, in terms of ingress to the servers and egress back to the client.
  • Reverse Proxy – A reverse proxy in an Application Delivery Controller (ADC) acts like a gatekeeper for servers. Imagine you’re sending a letter to a big company. Instead of addressing it to someone specific, you send it to their main office. The reverse proxy is like the receptionist at the main office who receives your letter and decides who in the building should get it based on what it’s about. In the digital world, when you visit a website, the reverse proxy decides which server among many will handle your request, improving security, speed, and managing traffic efficiently without you knowing which specific server you’re interacting with.
  • Gateway Mode – Gateway mode in an Application Delivery Controller (ADC) acts like a bridge that connects different networks, allowing them to communicate with each other efficiently. In this mode, the ADC directs incoming traffic from external networks (like the internet) to the appropriate servers within an internal network (like a company’s private network), based on the content of the requests. This helps in load balancing, ensures smooth traffic flow, and enhances security by controlling which traffic is allowed through. It’s a bit like a well-organized traffic system for data, making sure that everything gets to where it needs to go safely and efficiently.
  • NAT Mode – In an Application Delivery Controller (ADC), NAT mode, or Network Address Translation mode, is a setup where the ADC acts as an intermediary between clients and servers, modifying the IP addresses in the packet headers. Essentially, it translates the public IP addresses of clients to the private IP addresses of the servers (and vice versa) as traffic passes through it. This allows for efficient routing, helps in hiding the internal network structure, and enables the reuse of IP addresses, making it easier to manage network resources and enhance security.
  • Direct Server Return – Direct Server Return (DSR) in an Application Delivery Controller (ADC) is a network architecture technique where client requests are directed to the servers via the ADC, but the servers reply directly to the clients, bypassing the ADC on the way back. This setup reduces the load on the ADC, as it only handles incoming traffic, allowing for quicker response times and more efficient handling of connections, especially beneficial for high-traffic sites and applications.