Switching iRule help

I will have to look at this more, but SET-COOKIE will only set the cookie on the browser when you are returning data to the browser. If you just use "SET-COOKIE" in HTTP_REQUEST it will add the cookie to the request going to the server, but it will not be there when the response goes back to the client.

So you either need to do a redirect, or save the value of the cookie in a variable and then do the SET-COOKIE in HTTP_RESPONSE.

Without reviewing the iRule completely I personally would save the Cookie value as a variable and set it in the HTTP_RESPONSE section to avoid sending what on my quick initial analysis appears to be be an unnecessary redirect.

You will, of course, need to do testing but I think this should get the same results without the redirects.

    when HTTP_REQUEST {

   Insert Cookies for policy switching
  set setcookie ""
  log local0. "Cookie $setcookie"
  log local0. "Client [IP::client_addr] connected from switch" 
  set vip "/Common/v.dc.wa_default_0.app/v.dc.wa_default_0_vs"  
  switch [string tolower [HTTP::uri]] {
    "/none"     {  set setcookie "none ; Expires=Thu, 01 Jan 1970 00:00:01 GMT\" }
    "/tcp"      {  set setcookie "tcp\" ; set vip "/Common/v.dc.wa_default_0.app/v.dc.wa_default_0_vs" ; COMPRESS::disable }
    "/compress" {  set setcookie "compress\" ; set vip "/Common/v.dc.wa_compress_1.app/v.dc.wa_compress_1_vs" ; COMPRESS::enable }
    "/ibr"      {  set setcookie "ibr\" ; set vip "/Common/v.dc.wa_ibr_2.app/v.dc.wa_ibr_2_vs" ; COMPRESS::enable  }
    "/img"      {  set setcookie "img\" ; set vip "/Common/v.dc.wa_img_3.app/v.dc.wa_img_3_vs" ; COMPRESS::enable }
    "/reorder"  {  set setcookie "reorder\" ; set vip "/Common/v.dc.wa_reorder_4.app/v.dc.wa_reorder_4_vs" ; COMPRESS::enable }
    "/spdy"     {  set setcookie "spdy\" ; set vip "/Common/v.dc.wa_spdy_5.app/v.dc.wa_spdy_5_vs" ; COMPRESS::enable}
    "/http2"    {  set setcookie "http2\";set vip "/Common/v.dc.wa_http2_6.app/v.dc.wa_http2_6_vs" ; COMPRESS::enable }
    "/oc"       {  set setcookie ; "OneConnect\" set vip "/Common/v.dc.wa_oc_7.app/v.dc.wa_oc_7_vs" ; COMPRESS::enable }
  }

  log local0. "Cookie $setcookie"
  log local0. "Virtual $vip"
  virtual $vip
  if { [string tolower [HTTP::uri]] eq "/current" } {
    HTTP::respond 200 content "Current cookie setting for X-WA-Policy is: [HTTP::cookie "X-WA-Policy"]"
  }  
}

when HTTP_RESPONSE {
  HTTP::header insert "X-DC-Virtual" $vip
  if { [string length $setcookie] > 0 } {HTTP::cookie insert name "X-WA-Policy" value $setcookie}
}  

Look at the iRule the only reason I can see offhand, without being able to run it myself, that the redirect would be needed is if the original URL is different from https://sklep.rossnet.pl.

So the users enter "/compress" or "/tcp" or whatever? Or is this entered by some type of client side script/program?

Try adding the following code just before the "if { [string tolower [HTTP::uri]] eq "/current" }"

  if { [string length $setcookie] > 0 } {  
    HTTP::uri "/"  
  } 

Hi,

Here is final version of my iRule that seems to be working for both rerouting traffic to another VS (for testing performance of different AAM WA profiles) as well as returning to using switching VS (one with this iRule attached) after traffic was rerouted to another VS.

Probably not the best iRule in the world (still learning) but maybe will be of some use for others 🙂

when CLIENT_ACCEPTED {

    Trick (not working when clientssl profile not assigned to VS, so not working for pass-through https VS
    It makes code more universal by using correct protocol set for VS with iRule attached
    (http, https) in 302 redirect used later on

   if { [PROFILE::exists clientssl] == 1} {

      set proto "https"
   }
   else {

    set proto "http"

}

log local0. "Scheme is $proto"

}


when HTTP_REQUEST {

   Insert Cookies for policy switching

  set setcookie ""

  log local0. "Cookie in setcookie is $setcookie"
  log local0. "Client [IP::client_addr] connected from switch"

  switch [string tolower [HTTP::uri]] {
    "/none" {
        set setcookie " \"Set-Cookie\" \"X-WA-Policy=none; Expires=Thu, 01 Jan 1970 00:00:01 GMT\""
    }
    "/tcp" {
        set setcookie " \"Set-Cookie\" \"X-WA-Policy=tcp\""
    }
    "/compress" {
        set setcookie " \"Set-Cookie\" \"X-WA-Policy=compress\""
    }
    "/ibr" {
        set setcookie " \"Set-Cookie\" \"X-WA-Policy=ibr\""
    }
    "/img" {
        set setcookie " \"Set-Cookie\" \"X-WA-Policy=img\""
    }
    "/reorder" {
        set setcookie " \"Set-Cookie\" \"X-WA-Policy=reorder\""
    }
    "/spdy" {
        set setcookie " \"Set-Cookie\" \"X-WA-Policy=spdy\""
    }
    "/http2" {
        set setcookie " \"Set-Cookie\" \"X-WA-Policy=http2\""
    }
    "/oc" {
        set setcookie " \"Set-Cookie\" \"X-WA-Policy=OneConnect\""
    }
  }

  Redirect is necessary so after using path from URI entered in browser
  it's reset in the browser and subsequesnt request are not using this fake path  

  if { [string length $setcookie] > 0 } {

    log local0. "New cookie created $setcookie"

    HTTP::uri "/"

    set cmd "HTTP::respond 302 Location \"$proto://[HTTP::host][HTTP::uri]\" $setcookie"

    log local0. "Redirect is $cmd"

    eval $cmd

    return
  }

  URI for checking what is current state of switching - what cookie is set in requests

  if { [string tolower [HTTP::uri]] eq "/current" } {

    HTTP::respond 200 content "Current cookie setting for X-WA-Policy is: [HTTP::cookie "X-WA-Policy"]"

  }

  set vip "/Common/v.dc.wa_default_0.app/v.dc.wa_default_0_vs"

   log local0. "Cookie in request is [string tolower [HTTP::cookie "X-WA-Policy"]]"

  switch [string tolower [HTTP::cookie "X-WA-Policy"]] {
    "tcp" {
      set vip "/Common/v.dc.wa_default_0.app/v.dc.wa_default_0_vs"
      COMPRESS::disable
    }  
    "compress" {
      set vip "/Common/v.dc.wa_compress_1.app/v.dc.wa_compress_1_vs"
      COMPRESS::enable
    }
    "ibr" {
      set vip "/Common/v.dc.wa_ibr_2.app/v.dc.wa_ibr_2_vs"
      COMPRESS::enable
    }
    "img" {
      set vip "/Common/v.dc.wa_img_3.app/v.dc.wa_img_3_vs"
      COMPRESS::enable
    }
    "reorder" {
      set vip "/Common/v.dc.wa_reorder_4.app/v.dc.wa_reorder_4_vs"
      COMPRESS::enable
    }
    "spdy" {
      set vip "/Common/v.dc.wa_spdy_5.app/v.dc.wa_spdy_5_vs"
      COMPRESS::enable
    }
   "http2" {
      set vip "/Common/v.dc.wa_http2_6.app/v.dc.wa_http2_6_vs"
      COMPRESS::enable
    }
   "OneConnect" {
      set vip "/Common/v.dc.wa_oc_7.app/v.dc.wa_oc_7_vs"
      COMPRESS::enable
    }
    default {

      If URI path is "/" use switching VS itself (one with this iRule attached), do not switch to other VS

      set vip ""


      log local0. "LBSelect is [LB::select]. The default switch used"

      LB::detach is necessary when no OneConnect is used for switching VS
      After some VS is chosen using virtual command it will stick until another virtual comman is performed
      In case when switching VS should be used after using another VS connection to previous VS has to be detached
      Then instead of sending traffic to previously selected VS, traffic is again processed by switching VS  

      LB::detach

      COMPRESS::disable


    }
  }

  log local0. "Virtual selected is $vip"
  log local0. "Current virtual server name: [virtual name]"

  Use virtual command only if VS other than switching VS should be used for handling traffic

  if { [string length $vip] > 0 } {
      virtual $vip
  }
}


when HTTP_RESPONSE {

    Set cookie only if VS other than switching VS should be used for handling traffic

    if { [string length $vip] > 0 } {

        HTTP::header insert "X-DC-Virtual" $vip
    }
}

Of course all credits goes to Jason Rahm who provided this iRule in

Project Acceleration: Test Infrastructure

Many thanks to you John as well for helping with this issue. Hope to find same time to test your version as well.

Piotr

Wait, you wanted somebody to improve on Jason's iRule? I thought you wrote that.