The second "if"

Anyone knows why ?

 

Thanks.

Hello puma,

Here is a version of your rule with indentation to show how the if/else's line up:

if (http_uri contains "/admin") {
   redirect to "https://" + tolower(http_host) + tolower(http_uri)
   if (http_uri contains "/logon.aspx") {
      log "sslpool2" + client_addr
      use pool pool2
   }
   else {
      discard
   }
}
else {
   use pool1
}

If a client makes a request that starts with "/admin", they will be redirected to https://ORIGINAL_HOST/ORIGINAL_URI. If the request containing "/logon.aspx" always starts with /admin, then the second if will never be reached and pool2 will never be used.

Here is the description of what you described you want to happen:

I have a website which consists of http and https, let say https://www.mysite.com/admin/logon.aspx. If an user goes to http://www.mysite.com, the Big IP needs to send traffic to pool1 which loads balance across the nodes. If an user goes to logon.aspx, the Big IP needs to send traffic to pool2 and pool2 consist of a single node.

If I understand your scenario correctly, you have an HTTP virtual server and an SSL proxy on the same host name/IP address. After that, I get a bit confused on how you want the traffic handled.

Do you want all requests containing /admin made via HTTP to be redirected to the SSL proxy?

Do you want any other request (except if it contains /admin) made via HTTP to be load balanced to the pool?

Do you want requests that contain /logon.aspx to be load balanced to pool2, regardless of whether they were made via HTTP or HTTPS?

What traffic do you want discarded?

What traffic do you want to go to pool1?

Perhaps you can provide more detail on the exact logic you want to build into your rule. In general, I think you'll want to come up with two versions of the rule: one for the HTTP virtual server and one for the SSL proxy.

Aaron

Your second if has no chance to be executed because the the evaluation terminates on the redirect to statement. Rule evaluation terminates if a use, redirect to or discard statement is reached. I'm not sure what you want to achieve. It is not clear from your description whether http://www.mysite.com/admin/logon.aspx should be sent to pool2 or a redirected to HTTPS.

Thanks for all your responses.

 

 

To further clarify my post is that

 

Do you want all requests containing /admin made via HTTP to be redirected to the SSL proxy?

 

Yes, I do. and if uri contains /admin/logon.aspx, then send traffic to pool2. Otherwise, discard the traffic.

 

 

Do you want any other request (except if it contains /admin) made via HTTP to be load balanced to the pool?

 

Yes, I do. If a http traffic without uri /admin or /logon.aspx, then send it to pool1.

 

 

Do you want requests that contain /logon.aspx to be load balanced to pool2, regardless of whether they were made via HTTP or HTTPS?

 

I want a request that contains /admin and /logon to be redirected to https then send it to pool2.

 

 

What traffic do you want discarded?

 

I'm not so sure, but if uri contains only /admin without logon.aspx, then discard it.

 

 

What traffic do you want to go to pool1?

 

http traffic or uri doesn't contain /admin or logon.aspx.

 

 

Basically I want an irules that can at first redirect http to https if uri contains /admin/logon.aspx, then send to admin pool. This traffic designs for admin users only. If a regular users go to the site, the Big IP doesn't have to redirect from http to https and send regular users to to non admin pool.

 

 

Thanks again.

Thanks mmac.

 

 

I want to redirect http traffic to https if uri contains /admin and logon.aspx, then send the traffic to admin pool which is pool1. If a regular users goes to the site, then the traffic is just a http and goes to non admin pool which is pool2.

Can you please give me an idea how to have 2 rules apply to a single virtual server? I know how in version 9.x, but not sure how to have 2 rules in version 4.x.

 

 

Thanks.

In v4.x a virtual can reference only one rule.