Accelerating Traffic with a Local Traffic Policy

About classifying types of HTTP traffic with a local traffic policy

An application that runs on a virtual server accelerates all HTTP traffic. You can, however, use a local traffic policy to classify types of HTTP traffic for the BIG-IP^® system to accelerate, by specifying hosts, paths, headers, and cookies.

Important: Although you can use a local traffic policy to classify the types of HTTP traffic to accelerate, the local traffic policy overrides the Web Acceleration profile on the virtual server. Acceleration of HTTP traffic with the BIG-IP system should primarily be configured through a Web Acceleration profile, instead of a local traffic policy.

Local traffic policy matching Strategies settings

This table summarizes the strategies used for traffic policy matching.

Matching strategy	Description
First-match strategy	A first-match strategy executes the actions for the first rule in the Rules list that matches.
Best-match strategy	A best-match strategy selects and executes the actions of the rule in the Rules list with the best match, as determined by the following factors. The number of conditions and operands that match the rule. The length of the matched value for the rule. The priority of the operands for the rule. Note: In a best-match strategy, when multiple rules match and specify an action, conflicting or otherwise, only the action of the best-match rule is executed. A best-match rule can be the lowest ordinal, the highest priority, or the first rule that matches in the Rules list.
All-match strategy	An all-match strategy executes the actions for all rules in the Rules list that match. Note: In an all-match strategy, when multiple rules match, but specify conflicting actions, only the action of the best-match rule is executed. A best-match rule can be the lowest ordinal, the highest priority, or the first rule that matches in the Rules list.

Local traffic policy matching Requires profile settings

This table summarizes the profile settings that are required for local traffic policy matching.

Requires Setting	Description
http	Specifies that the policy matching requires an HTTP profile.
ssl	Specifies that the policy matching requires a Client SSL profile.
tcp	Specifies that the policy matching requires a TCP profile.

Local traffic policy matching Controls settings

This table summarizes the controls settings that are required for local traffic policy matching.

Controls Setting	Description
acceleration	Provides controls associated with acceleration functionality.
caching	Provides controls associated with caching functionality.
classification	Provides controls associated with classification.
compression	Provides controls associated with HTTP compression.
forwarding	Provides controls associated with forwarding functionality.
persistence	Provides controls associated with persistence functionality.
request-adaptation	Provides controls associated with request-adaptation functionality.
response-adaptation	Provides controls associated with response-adaptation functionality.
server-ssl	Provides controls associated with server-ssl functionality.

Local traffic policy matching condition types

This table summarizes the types of conditions used in policy matching.

Condition Type	Selectors and Parameters	Valid Events	Options
Client SSL	cipher cipher-bits protocol	response request	Skip this condition if it is missing from the request Use case sensitive string comparison
CPU Usage	15 seconds 1 minute 5 minutes	response request ssl client hello ssl server handshake ssl server hello
Geo. IP	continent country code country name isp organization region code region name	response request ssl client hello ssl server handshake ssl server hello	Apply to traffic on remote or local side of external or internal interface. Skip this condition if it is missing from the request Use case sensitive string comparison
HTTP Basic Auth.	password username		Skip this condition if it is missing from the request Use case sensitive string comparison
HTTP Cookie	named		Skip this condition if it is missing from the request Use case sensitive string comparison
HTTP Header	named	response request	Skip this condition if it is missing from the request Use case sensitive string comparison
HTTP Host	host port full string		Skip this condition if it is missing from the request Use case sensitive string comparison
HTTP Method	(Specify the string for the method.)		Skip this condition if it is missing from the request Use case sensitive string comparison
HTTP Referer	all extension host path path-segment port query-parameter query-string scheme unnamed-query- parameter full string	request	Skip this condition if it is missing from the request Use case sensitive string comparison
HTTP Set Cookie	named domain expiry path value version		Skip this condition if it is missing from the request Use case sensitive string comparison
HTTP Status	code text full string
HTTP URI	extension host path path-segment port query-parameter query-string scheme unnamed-query- parameter full string		Skip this condition if it is missing from the request Use case sensitive string comparison
HTTP Version	major minor protocol full string		Use case-sensitive string comparison
SSL Certificate	with index		Skip this condition if it is missing from the sslServerHandshake. Use case-sensitive string comparison
SSL Extension	alpn npn server name	ssl client hello ssl server hello	Skip this condition if it is missing from the sslClientHello. Use case-sensitive string comparison
TCP	address mss port route-domain rtt vlan vlan-id	response request ssl client hello ssl server handshake ssl server hello	Apply to traffic on remote or local side of external or internal interface. Use case sensitive string comparison
WebSocket	extension key protocol version	websocket request websocket response	Skip this condition if it is missing from the sslClientHello. Use case-sensitive string comparison

Local traffic policy matching Actions operands

This table summarizes the actions associated with the conditions of the rule used in policy matching.

Target	Type	Valid Events	Action
acceleration	string/number	request	disable enable
cache	string	request response	disable enable pin true
compress	string	request response	disable enable
decompress	string	request response	disable enable
forward	string	request	reset select clone-pool member nexthop node pool rateclass snat snatpool vlan vlan-id
http-cookie	string	request	insert name (required) value (required) Note: This parameter supports Tcl expressions. remove name (required)
http-header	string/number	request response	insert name (required) value (required) Note: This parameter supports Tcl expressions. remove name (required) replace name (required) value (required) Note: This parameter supports Tcl expressions.
http-host	string	request	replace value Note: This parameter supports Tcl expressions.
http-referer	string	request	insert value (required) Note: This parameter supports Tcl expressions. remove replace value Note: This parameter supports Tcl expressions.
http-reply	string	request response	redirect location (required) Note: This parameter supports Tcl expressions.
http-set-cookie	string/number	response	insert name (required) domain Note: This parameter supports Tcl expressions. path Note: This parameter supports Tcl expressions. value (required) Note: This parameter supports Tcl expressions. remove name (required)
http-uri	string/number	response	replace path Note: This parameter supports Tcl expressions. query-string Note: This parameter supports Tcl expressions. value Note: This parameter supports Tcl expressions.
log	string/number	request response	write message (required) Note: This parameter supports Tcl expressions.
pem	string/number	request response	classify application category defer protocol
persist	string/number	request response	disable source-address carp Note: This parameter supports Tcl expressions. cookie-hash cookie-insert cookie-passive cookie-rewrite destination-address disable hash Note: This parameter supports Tcl expressions. source-address universal Note: This parameter supports Tcl expressions.
request-adapt	string/number	request response	disable enable
response-adapt	string/number	request response	disable enable
server-ssl	string/number	request	disable enable
tcl	string/number	request response	set-variable name (required) expression (required) Note: This parameter supports Tcl expressions.
tcp-nagle	string/number	request	disable enable

Subscriptions

Product Usage

Trials

Registration Keys

Downloads

Applies To:

BIG-IP AAM

About classifying types of HTTP traffic with a local traffic policy

Local traffic policy matching Strategies settings

Local traffic policy matching Requires profile settings

Local traffic policy matching Controls settings

Local traffic policy matching condition types

Local traffic policy matching Actions operands

Have a Question?

About F5

Education

F5 Sites

Support Tasks

Subscriptions

Product Usage

Trials

Registration Keys

Downloads

Applies To:

BIG-IP AAM

About classifying types of HTTP traffic with a local traffic policy

Local traffic policy matching Strategies settings

Local traffic policy matching Requires profile settings

Local traffic policy matching Controls settings

Local traffic policy matching condition types

Local traffic policy matching Actions operands

Have a Question?

Follow Us

About F5

Education

F5 Sites

Support Tasks