HTTP to HTTPS redirect - minimum requirements for HTTP Virtual Server

Question

Hi all, first post here.  I'm a few months new to F5, but been around other LB's for years. &nbsp;
I have a virtual server set up and working on HTTPS(lets say 'VS1.1.1.1_HTTPS').  I want to redirect HTTP traffic destined to the same IP to HTTPS.  I followed sol14996 to configure a Policy and applied it to a new virtual sever listening on HTTP (VS1.1.1.1_HTTP).  &nbsp;
My question is how do I mark the HTTP virtual server available since I don't want/need/have a pool listening on 80?  It's sole purpose in life is to redirect, it doesn't need a pool of resources since it'd never send traffic to them, but that's what I apply a monitor to.  I'm looking for a "always mark available" check box on the VS, but I don't see one.  Alternatively, I guess I could mark it available if the HTTPS VIP is available.  Is there an easy way to do that?  &nbsp;
Any input is appreciated, thanks!&nbsp;
Joe &nbsp;

josiah_39459 · Answer

I think most people just leave it at blue/unknown. If it's really important to see it as green/available, you can just put the same pool on it as the https vip. Traffic won't ever go to the pool anyway since the redirect rule runs every time.

kohli9harjeev · Answer

Hi Joe,&nbsp;
Its a simple basic scenario of HTTP to HTTPS redirect. You just need to create  new VS on port  80 with same VS ip as of HTTPS VS and just assing the F5 inbuilt irule "_sys_https_redirect" or you can create the following irule and assign it to HTTP VS if you are using standard ports&nbsp;
when HTTP_REQUEST {
   HTTP::redirect https://[getfield [HTTP::host] ":" 1]    [HTTP::uri] 
 }&nbsp;
Regards
 Harjeev&nbsp;

eben_240222 · Answer

Since the sole purpose of the virtual server is to redirect, leave the availability status as UNKNOWN. i.e blue square. apply your HTTP TO HTTPS iRule to it. and it will work just fine.
Josiahs method will work fine if you want to see the VS as green. or you can add a random available pool with pool members marked available.
NB: The virtual server availability is dependent on the pool and pool members its servicing.&nbsp;

joecaracci · Answer

Thanks for the speedy responses.  The policy redirect seems to be working.  Good to know about the default iRule.  Which is less resource intense - a policy or an iRule?  &nbsp;

Forum Discussion

HTTP to HTTPS redirect - minimum requirements for HTTP Virtual Server

4 Replies

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Get associated pool name from VIP IP using F5-LTM

Disacard SSL::cert mode to ignore when default SSLClient profile is set to request or require

About custome Response Blocking Page

About IPI check ip list

Related Content

iRULE - Redirect irule - Help required

Reminder: MFA now required to log in to DevCentral

DevCentral to Require Multi-Factor Authentication for Account Login from September 26

F5 BIG-IP Sizing Requirement

CNAME redirection to GTM certificate SAN requirement