I just did a quick rebuild in my lab to see what's the behavior on my BIG-IP and it looks like it's doing the same. Here is my setup:
On my BIG-IP a VS listening on port 8443 with a clientssl profile attached. Also is attached a pool with a member that listens on port 8080 (no SSL). When I do a curl to the VS on 8443 the webserver at 8080 is working:
[nielsvs@localhost ~]$ curl -v -k https://10.23.98.20:8443
* Rebuilt URL to: https://10.23.98.20:8443/
* Trying 10.23.98.20...
* Connected to 10.23.98.20 (10.23.98.20) port 8443 (0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
* Server certificate:
* subject: E=root@localhost.localdomain,CN=localhost.localdomain,OU=IT,O=MyCompany,L=Seattle,ST=WA,C=US
* start date: Mar 01 12:23:46 2016 GMT
* expire date: Feb 27 12:23:46 2026 GMT
* common name: localhost.localdomain
* issuer: E=root@localhost.localdomain,CN=localhost.localdomain,OU=IT,O=MyCompany,L=Seattle,ST=WA,C=US
> GET / HTTP/1.1
> User-Agent: curl/7.40.0
> Host: 10.23.98.20:8443
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Sun, 27 Nov 2016 19:47:29 GMT
< Server: Apache/2.4.17 (Fedora) PHP/5.6.20
< Last-Modified: Sun, 27 Nov 2016 19:25:51 GMT
< ETag: "74-5424d52b75603"
< Accept-Ranges: bytes
< Content-Length: 116
< Content-Type: text/html; charset=UTF-8
<
Listen on port 8080
Listen on port 8080 test
* Connection 0 to host 10.23.98.20 left intact
[nielsvs@localhost ~]$
When I perform a tcpdump on the pool member it shows the Host header is unchanged:
20:50:53.398593 IP 10.23.98.5.47039 > localhost.localdomain.webcache: Flags [P.], seq 1:110, ack 1, win 4380, options [nop,nop,TS val 2807503574 ecr 680267002], length 109: HTTP: GET / HTTP/1.1
0x0000: 4500 00a1 fb9a 4000 fe06 ae86 0a17 6205 E.....@.......b.
0x0010: 0a17 5c02 b7bf 1f90 ce7f de44 3552 3cad ..\........D5R<.
0x0020: 8018 111c dcd0 0000 0101 080a a757 1ad6 .............W..
0x0030: 288c 0cfa 4745 5420 2f20 4854 5450 2f31 (...GET./.HTTP/1
0x0040: 2e31 0d0a 5573 6572 2d41 6765 6e74 3a20 .1..User-Agent:.
0x0050: 6375 726c 2f37 2e34 302e 300d 0a48 6f73 curl/7.40.0..Hos
0x0060: 743a 2031 302e 3233 2e39 382e 3230 3a38 t:.10.23.98.20:8
0x0070: 3434 330d 0a41 6363 6570 743a 202a 2f2a 443..Accept:.*/*
0x0080: 0d0a 582d 466f 7277 6172 6465 642d 466f ..X-Forwarded-Fo
0x0090: 723a 2031 302e 3233 2e39 322e 320d 0a0d r:.10.23.92.2...
0x00a0: 0a .
The iRule you use also seems to work. My redirect.php script looks like this:
[root@localhost test_8080] cat redirect.php
[root@localhost test_8080]
When I retrieve this page via the VS it's changing the port number from 8080 to 8443.
[nielsvs@localhost ~]$ curl -v -k https://10.23.98.20:8443/redirect.php
* Trying 10.23.98.20...
* Connected to 10.23.98.20 (10.23.98.20) port 8443 (0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
* Server certificate:
* subject: E=root@localhost.localdomain,CN=localhost.localdomain,OU=IT,O=MyCompany,L=Seattle,ST=WA,C=US
* start date: Mar 01 12:23:46 2016 GMT
* expire date: Feb 27 12:23:46 2026 GMT
* common name: localhost.localdomain
* issuer: E=root@localhost.localdomain,CN=localhost.localdomain,OU=IT,O=MyCompany,L=Seattle,ST=WA,C=US
> GET /redirect.php HTTP/1.1
> User-Agent: curl/7.40.0
> Host: 10.23.98.20:8443
> Accept: */*
>
< HTTP/1.1 302 Found
< Date: Sun, 27 Nov 2016 19:52:31 GMT
< Server: Apache/2.4.17 (Fedora) PHP/5.6.20
< X-Powered-By: PHP/5.6.20
< Location: https://10.23.98.20:8443/new_page.html
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8
<
* Connection 0 to host 10.23.98.20 left intact
[nielsvs@localhost ~]$
So what isn't exactly working in your setup?