Big-IP Load Balancer Problem

Sep 27, 2011 at 11:25 AM
Edited Sep 27, 2011 at 1:20 PM

I have read this discussion, but my problem is a bit of different.

We are having two different servers(different IPs) and Big-IP does the load balancing. Load balancing works fine without waffle filter.

The application also works fine with waffle filter IF called by ip-address:port.

But it fails if called by DNS such as In this case nothing shows up.

So as per my understanding there is some issue with Big-IP and waffle filter communication.

Please help.

Here is request-response --


GET /crmtest/ HTTP/1.1


Accept: image/gif, image/jpeg, image/pjpeg, image/pjpeg, application/x-shockwave-flash, application/, application/, application/msword, application/x-silverlight, application/xaml+xml, application/, application/x-ms-xbap, application/x-ms-application, */*

Accept-Language: en-us

User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E)

Accept-Encoding: gzip, deflate

Host: our_host_name

Connection: Keep-Alive

Cookie: JSESSIONID=96E8AE1D70DEF0DAE4BD7C5B3644F714; BIGipServerpCRMTestPune.8080=2218943498.36895.0000; BIGipServerpCRMTest.8080=2118280202.36895.0000


HTTP/1.0 302 Found

Location: https://URL

Server: BigIP

Connection: Keep-Alive

Content-Length: 0

On server log following lines are continuously keep appending -

<2011-09-27 05:11:32,928> <INFO > <NegotiateSecurityFilter> <NegotiateSecurityFilter:doFilter:?> - GET /crmtest/, contentlength: -1
<2011-09-27 05:11:32,928> <INFO > <NegotiateSecurityFilter> <NegotiateSecurityFilter:doFilter:?> - authorization required

Sep 28, 2011 at 12:53 AM

It looks like Waffle says "authorization required" and wants to return a 401 (that's what comes with this message). But whatever is in front of it changes it to a 302, redirect to some login page? This HTTP conversation above should be a 401.