Forum Discussion

10 Replies

Sort By
  • Arie's avatar
    Arie
    Icon for Altostratus rankAltostratus
    Nov 12, 2014

    Could you supply a bit more information? For instance, what do the requests look like? Do you need to redirect based on the IP-address or the path?

     

  • Ian_Rickerby_17's avatar
    Ian_Rickerby_17
    Icon for Nimbostratus rankNimbostratus
    Nov 20, 2014

    Apologies the dev central mail got quarantined, hence the slowness of response I am trying to do the following

     

    Translation of URL containing a store Id to private IP inside our network, ie. the Server will send a request to the F5 Vip, within the url will be the store ID, I then want the F5 to look up the stor ID and forward the request to the correct store IP The URL will look like -> https://10.226.1.10/rest/of/url -> https://10.226.1.20/rest/of/url There will be approx 200 stores

     

    Store Id Store private IP 0001 10.226.1.10 0002 10.226.1.20 0003 10.226.1.30 etc

     

  • nitass_89166's avatar
    nitass_89166
    Icon for Noctilucent rankNoctilucent
    Nov 23, 2014

    e.g.

     configuration

root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
    destination 172.28.24.10:80
    ip-protocol tcp
    mask 255.255.255.255
    profiles {
        http { }
        tcp { }
    }
    rules {
        qux
    }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    vs-index 2
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
ltm rule qux {
    when HTTP_REQUEST {
  set storeid [URI::path [HTTP::uri] 1 1]
  if { [class match -- $storeid equals storeid_to_ip] } {
    set ip [class match -value -- $storeid equals storeid_to_ip]
    HTTP::header replace Host $ip
    HTTP::uri [string map [list $storeid /] [HTTP::uri]]
    node $ip
  }
}
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm data-group internal storeid_to_ip
ltm data-group internal storeid_to_ip {
    records {
        /0001/ {
            data 200.200.200.101
        }
        /0002/ {
            data 200.200.200.111
        }
    }
    type string
}

 trace

[root@ve11a:Active:In Sync] config  ssldump -Aed -nni 0.0 port 80
New TCP connection 1: 172.28.24.1(36489) <-> 172.28.24.10(80)
1416743408.3850 (0.0015)  C>S
---------------------------------------------------------------
GET /0001/rest/of/url HTTP/1.1
User-Agent: curl/7.29.0
Accept: */*
Host: f5-retail

---------------------------------------------------------------

New TCP connection 2: 200.200.200.11(36489) <-> 200.200.200.101(80)
1416743408.3868 (0.0004)  C>S
---------------------------------------------------------------
GET /rest/of/url HTTP/1.1
User-Agent: curl/7.29.0
Accept: */*
Host: 200.200.200.101

---------------------------------------------------------------
    • Ian_Rickerby_17's avatar
      Ian_Rickerby_17
      Icon for Nimbostratus rankNimbostratus
      Dec 05, 2014
      Hi Thanks for this I thought I had this working but actually although the script runs It then uses the associated pool and load balances the connections in the normal manner I notice that you do not have a pool associated with your virtual server, however I am unable to create a virtual server without a pool. I have added the ltm virtual f5-retail { description "Broker" destination 10.127.10.144:http ip-protocol tcp mask 255.255.255.255 pool Retail profiles { http { } tcp { } } rules { qux } source 0.0.0.0/0 source-address-translation { type automap } vlans { VIP-VLAN } vlans-enabled }
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Nov 23, 2014

    e.g.

     configuration

root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
    destination 172.28.24.10:80
    ip-protocol tcp
    mask 255.255.255.255
    profiles {
        http { }
        tcp { }
    }
    rules {
        qux
    }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    vs-index 2
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
ltm rule qux {
    when HTTP_REQUEST {
  set storeid [URI::path [HTTP::uri] 1 1]
  if { [class match -- $storeid equals storeid_to_ip] } {
    set ip [class match -value -- $storeid equals storeid_to_ip]
    HTTP::header replace Host $ip
    HTTP::uri [string map [list $storeid /] [HTTP::uri]]
    node $ip
  }
}
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm data-group internal storeid_to_ip
ltm data-group internal storeid_to_ip {
    records {
        /0001/ {
            data 200.200.200.101
        }
        /0002/ {
            data 200.200.200.111
        }
    }
    type string
}

 trace

[root@ve11a:Active:In Sync] config  ssldump -Aed -nni 0.0 port 80
New TCP connection 1: 172.28.24.1(36489) <-> 172.28.24.10(80)
1416743408.3850 (0.0015)  C>S
---------------------------------------------------------------
GET /0001/rest/of/url HTTP/1.1
User-Agent: curl/7.29.0
Accept: */*
Host: f5-retail

---------------------------------------------------------------

New TCP connection 2: 200.200.200.11(36489) <-> 200.200.200.101(80)
1416743408.3868 (0.0004)  C>S
---------------------------------------------------------------
GET /rest/of/url HTTP/1.1
User-Agent: curl/7.29.0
Accept: */*
Host: 200.200.200.101

---------------------------------------------------------------
    • Ian_Rickerby_17's avatar
      Ian_Rickerby_17
      Icon for Nimbostratus rankNimbostratus
      Dec 05, 2014
      Hi Thanks for this I thought I had this working but actually although the script runs It then uses the associated pool and load balances the connections in the normal manner I notice that you do not have a pool associated with your virtual server, however I am unable to create a virtual server without a pool. I have added the ltm virtual f5-retail { description "Broker" destination 10.127.10.144:http ip-protocol tcp mask 255.255.255.255 pool Retail profiles { http { } tcp { } } rules { qux } source 0.0.0.0/0 source-address-translation { type automap } vlans { VIP-VLAN } vlans-enabled }
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Dec 06, 2014

    I notice that you do not have a pool associated with your virtual server, however I am unable to create a virtual server without a pool.

     

    why not?

     

    I thought I had this working but actually although the script runs It then uses the associated pool and load balances the connections in the normal manner

     

    can you try to add oneconnect profile and see if it makes any difference?

     

    sol7208: Overview of the OneConnect profile

     

    ">https://support.f5.com/kb/en-us/solutions/public/7000/200/sol7208.html" target="_blank">">https://support.f5.com/kb/en-us/solutions/public/7000/200/sol7208.html

     

  • Ian_Rickerby_17's avatar
    Ian_Rickerby_17
    Icon for Nimbostratus rankNimbostratus
    Dec 08, 2014

    Hi

     

    Ok I will have to come clean I had the the mappings in the data group as "1234" instead of "/1234/" So the script ran and of course never found a resolution. As you had made this clear in your config above it was a stupid mistake.

     

    Interestingly I am now able to remove the pool ?? Although I have rewritten the script to check the pool as I think this may be a better option for us.

     

    Many thanks for your help without which I probably would still be running around in circles