Forum Discussion

Joseph_Lindsly's avatar
Joseph_Lindsly
Dec 30, 2014

irule to redirect traffic as well as changing the URL

We currently have a test environment where our web developers like to have the servers configured like our PROD servers. We currently have a setup in PROD where we have a Microsoft ISA performing reverse proxy from PROD to TEST. For example, in PROD, if you type www.abc.com.int.xyz.com, this will resolve to an IP address on the PROD ISA server. Once the traffic gets there, the ISA server is configured to listen for that URL and then forward the traffic from PROD to a TEST F5 VIP as www.abc.com. The test F5 VIP receives the traffic and then forwards it to the server farm in the configured pool which contains web servers that are configured to listen for www.abc.com.

They are planning to decommission the ISA server and have asked for the F5 to take over those responsibilities. I have created a pool on the PROD F5 that contains the test F5 VIP and have configured a basic PROD VIP that is linked to that pool. I created a DNS record test.abc.com.int.xyz.com that resolves to this new PROD VIP. I created an irule but it is not working. Here is the irule that i created.

when HTTP_REQUEST {
  if { [HTTP::host] equals "test.abc.com.int.xyz.com"} {
    HTTP::header replace "Host" "www.abc.com"
    switch -glob [HTTP::uri] {
      "/" -
      }
  }
}

Any help would be appreciated.

Thanks

APM
application delivery
design
devops
iRules
LTM
microsoft
security

7 Replies

Sort By
  • Michael_Jenkins's avatar
    Michael_Jenkins
    Icon for Cirrostratus rankCirrostratus
    Dec 30, 2014

    I'd add some logging to see what's happening (and a couple changes to your script). Then check the LTM logs to see what is happening... 

    when HTTP_REQUEST {
    log local0. "Host: [HTTP::host]"
    if { [string tolower [HTTP::host]] equals "test.abc.com.int.xyz.com"} {
        HTTP::header replace "Host" "www.abc.com"

        log local0. "  URI: [HTTP::uri]"
        switch -glob [string tolower [HTTP::uri]] {
            "/" {
                log local0. "    Setting Pool: XXXX"
                pool XXXX
            }                
            default {
                log local0. "    Setting Pool: XXXX"
                pool YYYY
            }
        }
    }
}
  • giltjr's avatar
    giltjr
    Icon for Nimbostratus rankNimbostratus
    Dec 30, 2014

    Not sure why you are checking the URI for anything since this seems to be based on the host name. You should be able to:

    when HTTP_REQUEST { 
log local0. "Host: [HTTP::host]"
if { [string tolower [HTTP::host]] equals "test.abc.com.int.xyz.com"} {
    HTTP::header replace "Host" "www.abc.com"
    pool YYYY 
    log local0. "    Setting Pool: YYYY"
    else {
    pool XXXX
    log local0. "    Setting Pool: XXXX"
    }
}
  • Joseph_Lindsly's avatar
    Joseph_Lindsly
    Dec 30, 2014

    Thanks for the updates. They both seem to work partially. When i try accessing the "test.abc.com.int.xyz.com", it does open the page that is located on the test F5 that is listening for www.abc.com. However, when i hover my mouse over the various links on the page, they are showing www.abc.com/xxx instead of test.abc.com.int.xyz.com/xxx. What other modifications do i need to add to the irule for this to affect all links on the page?

     

    Thanks

     

  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Dec 31, 2014

    However, when i hover my mouse over the various links on the page, they are showing www.abc.com/xxx instead of test.abc.com.int.xyz.com/xxx. What other modifications do i need to add to the irule for this to affect all links on the page?

     

    if www.abc.com is embedded in response message body, you have to rewrite it. you may try (1) stream profile or (2) rewrite and html profiles.

     

    (1) sol8115: Overview of the Stream profile

     

    https://support.f5.com/kb/en-us/solutions/public/8000/100/sol8115.html

     

    (2) Configuring the BIG-IP System as a Reverse Proxy Server

     

    https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-4-0/21.html

     

  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Jan 06, 2015

    That didn't work.

     

    have you done troubleshooting (e.g. tcpdump)? what did you get?

     

  • Joseph_Lindsly's avatar
    Joseph_Lindsly
    Jan 06, 2015

    Thanks for all of the responses. I was able to get it to work. Here is the irule that I am using that works.

    when HTTP_REQUEST {
 
STREAM::disable
 
 LTM does not uncompress response content, so if the server has compression enabled
 and it cannot be disabled on the server, we can prevent the server from
 sending a compressed response by removing the compression offerings from the client
 
HTTP::header remove "Accept-Encoding"
 
log local0. "Host: [HTTP::host]"
if { [string tolower [HTTP::host]] equals "www.abc.com.int.xyz.com"} {
    HTTP::header replace "Host" "www.abc.com"}
    pool POOL1
    log local0. "Setting Pool: POOL1"
}

when HTTP_RESPONSE {
 
 Check if response type is text
  if {[HTTP::header value Content-Type] contains "text"}{
  
      Replace http:// with https://
     STREAM::expression {@www.abc.com@www.abc.com.int.xyz.com@@www.def.com@www.def.com.int.xyz.com@}
     
      Enable the stream filter for this response only
     STREAM::enable
  }
}