Forum Discussion

RAQS's avatar
RAQS
Icon for Cirrus rankCirrus
Jun 28, 2022

How to Forward traffic via F5

Hi Team,

I need to forwrad tha traffic based on URI  from one domain to another and this should not visible in browser.

For ex:- When user hit "https://api-q.abc.com:443/lontools-java" then F5 should forward the traffic to " https://cp.api.us01a.xyz.com/qiontools-java" and user should not able to see this change in URL in browser. For user it will remain same as "https://api-q.abc.com:443/lontools-java".

Regards,
RAQS

  • Hello RAQS,

    Sorry for the late response, but I'm on holiday.

    Taking into account your backend server is outside of your network (in Cloud), these are your chances:

    1. Using redirection.

    ----------                                                    |--------|
    | Client |---------- GET https://api-q.abc.com... ----------->|   F5   |
    |        |<-- 302 Redirect (https://cp.api.us01a.xyz.com...)--|        |
    ----------                                                    |--------|
    |--------|                                                    |--------|
    | Client |------- GET https://cp.api.us01a.xyz.com... ------->| Cloud  |
    |        |<---------------------- 200 OK ---------------------| Server |
    |--------|                                                    |--------|

    The redirection will occur transparently for the client, but the URL in the browser will change. 

    2. Using rewrite profile ( + policy for selecting a different pool)

    ----------                                                    |--------|
    | Client |---------- GET https://api-q.abc.com... ----------->|   F5   |
    |        |<---------------------- 200 OK ---------------------|        |
    ----------                                                    |--------|
    |--------|                                                    |--------|
    | F5     |------- GET https://cp.api.us01a.xyz.com... ------->| Cloud  |
    |        |<---------------------- 200 OK ---------------------| Server |
    |--------|                                                    |--------|

    The F5 will receive the query from the client and will replace the host header and URI. This implies that F5 has to reach the cloud server in order to serve the service.

    If this resource requires to use of a different backend server different than the default one, you can configure a policy to change the pool (to your Cloud Server) when the URL matches "https://api-q.abc.com:443/lontools-java".

    3. Using iRules (not so efficient as point 2, but also feasible)

    when HTTP_REQUEST {
    	if { [HTTP::host] eq "api-q.abc.com"}{
    		if { [HTTP::uri] contains "lontools-java"} {
    			HTTP::header replace Host "cp.api.us01a.xyz.com"
    			HTTP::uri "/qiontools-java"
    			pool test_pool
    		}
    	}
    }

    Using the previous iRule, the host header, the URI, and the pool will change when the condition matches.

    This is simple to configure and test, but take into account that only the request packet will be replaced, if you need to modify some of the content of the cloud server, you will need to use a rewrite profile (or dig into the payload using iRules).

    If this was helpful, please, don't forget to rate my answer as resolved or gimme some upvotes.