Forum Discussion

invisible's avatar
invisible
Icon for Nimbostratus rankNimbostratus
Oct 21, 2019

Debugging Rewrite Profile invocation

Hello everyone,

 

A simple question - if there is a require profile attached to a virtual server, how can I debug if that require profile is working or not?

 

I mean - a log file where it written the incoming request/content and what rewrite profile has done by replacing client/server fields.

 

We had a require profile defined since v12 and >5 years ago and it has been working fine. Discovered last week that now it does not work any more - we have not used it for a while.

 

I've upgraded first to the latest 14.x and then to 15.0.1 - result is the same - profile does not work.

 

I need to have a starting point to where to troubleshoot/debug, so need somehow to enable invocation of the the profile(s).

 

Thanks.

application delivery
BIG-IP
LTM
  • AceDawg1's avatar
    AceDawg1
    Icon for Nimbostratus rankNimbostratus
    Oct 21, 2019

    Can you provide the profile please? Paste the contents from the following command:

     

    • tmsh list ltm profile profileName
  • invisible's avatar
    invisible
    Icon for Nimbostratus rankNimbostratus
    Oct 22, 2019

    Here it is

    ltm profile rewrite Host_8443_vhhal202 {
    app-service none
    bypass-list none
    client-caching-type cache-css-js
    defaults-from rewrite
    java-ca-file ca-bundle.crt
    java-crl none
    java-sign-key default.key
    java-sign-key-passphrase-encrypted $M$bJ$J/fdeYNOi9eMb47YC5HEBw==
    java-signer default.crt
    location-specific false
    request {
        insert-xforwarded-for disabled
        insert-xforwarded-host disabled
        insert-xforwarded-proto disabled
        rewrite-headers enabled
    }
    response {
        rewrite-content enabled
        rewrite-headers enabled
    }
    rewrite-list none
    rewrite-mode uri-translation
    split-tunneling false
    uri-rules {
        uri_1570432736093 {
            client {
                host host.external.server
                path /uaa-server/
                port 8443
                scheme https
            }
            server {
                host uaa-server.vhhal202.internal.server
                path /
                port 30033
                scheme https
            }
        }
        uri_1570512770912 {
            client {
                host host.external.server
                path /
                port 8443
                scheme https
            }
            server {
                host coil-dev-ui.vhhal202.internal.server
                path /
                port 30033
                scheme https
            }
        }
    }
}

    external.server and internal.server correspond to external facing and internal FQDNs.

  • invisible's avatar
    invisible
    Icon for Nimbostratus rankNimbostratus
    Nov 05, 2019

    Hello, anyone has a thought about this?

     

    I tried both methods - define full and relative path for client and server in two separate rewrite profiles:

     

    • https://host.external/server:8443/ (client/external) and https://uaa-server.vhhal202.internal.server:30033/ (server/internal)

     

    • / (client/external) https://uaa-server.vhhal202.internal.server:30033/ (server/internal)

     

    The result is the same - when I to to https://host.external/server:8443/ on my browser, I am getting https://uaa-server.vhhal202.internal.server:30033/ with 404 back, so F5 does not rewrite request and content regardless the either profile I use.

     

    Any thoughts what could be happening here?