Durga_Dash_2124
Jun 02, 2008Nimbostratus
Shared Virtual Server HTTP to HTTPS redirect
I want to build a single virtual server that will respond to requests both on port 80 and 443. I want port 80 traffic to be redirected to port 443. Also the servers on the internal pool listen on both 80 and 443 and they redirect all traffic to 443 except if the source is the Big-Ip. This we achieve by writing a server side script that looks at the HTTP header of the client request and if it has a variable 'SSLClientCipher' it assumes it is F5 and does not redirect that traffic to 443 but keeps it on port 80.
So i have the following irule in place:
-----------
rule httptossl_insertcipher {
when HTTP_REQUEST {
if { [TCP::local_port] == 80 }{
log local0. "in HTTP_REQUEST"
HTTP::respond 301 Location "https://[getfield [HTTP::host] : 1][HTTP::uri]"
}
elseif { [TCP::local_port] == 443}{
log local0. "in HTTPS_REQUEST"
HTTP::header insert SSLClientCipher [SSL::cipher name],\x20version=[SSL::cipher version],\x20bits=[SSL::cipher bits]
}
else {
log local0. "in Reject_REQUEST"
reject
}
}
}
-----------------
This is what my virtual server configuration looks like
virtual Test_CLIN {
destination 10.50.1.77:any
ip protocol tcp
translate service enable
profile http tcp wwwadirondocorg
persist cookie
pool ARCHIE_CLIN
rule httptossl_insertcipher
vlans external enable
}
----------------
I have enabled port translation on the vs to make sure it goes to port 80 on the pool.
..and this is my pool
pool ARCHIE_CLIN {
lb method member predictive
monitor all http
member 10.50.10.2:http session disable
member 10.50.10.42:http
member 10.50.10.82:http session disable
}
---
With this configuration https links work..but if i try to hit the virtual server on port 80 the virtual server closes the connection.
irule debugs don't generate any logs in /var/log/ltm when i try http but tcpdump shows..the virtual server closing out the client connection.
Not sure if this is the correct forum i.e. if this is an irule issue...
Any help is appreciated.
Thanks
Durga.