Forum Discussion

praveen_73358's avatar
Icon for Nimbostratus rankNimbostratus
Feb 11, 2011

HTTP/1.1 response from F5 for HTTPS VIP

Dear All,



We have a F5 with version IP 10.0.1 Build 378.0 Hotfix HF3.



I need HTTP/1.1 response from the F5 with 502 code for a HTTPS VIP.


We have tried the below iRule using SSL::respond:



when LB_FAILED { SSL::respond "HTTP/1.1 502 Bad Gateway\r\nServer: BigIP\r\nConnection: close\r\nContent-Length: 0\r\n\r\n" }



However the desired output was not obtained.


As per the previous updates above I see that this should work in version 10 as per below discussion:



Can anyone update if there is any issue with the iRule we tested.







3 Replies

  • Do you have a client SSL profile added to the virtual server? If so, you can use HTTP::respond instead of SSL::respond. The syntax should be about the same. Also, make sure to use \r\n as this is the delineator for HTTP headers.



  • Hi,



    We have used the attached iRule wherein we have used HTTP::respond and it did not work.



    Anything wrong with the iRule above?



  • Hi Praveen,



    Sorry, I've been missing the point in your posts on this. You need to send an HTTP 1.1 response, but HTTP::respond doesn't currently support sending an HTTP 1.1 response. There is a request for enhancement ID, 337768, which tracks the request to send an HTTP response with a version that matches the original request version. There's a suggestion to add a flag to override this behavior if you want to hard code the response version.



    I'm not sure why SSL::respond isn't working in LB_FAILED. I suggest opening a case with F5 Support on this. I found one case related to this issue (which might be from your reseller?) but the specific issue of SSL::respond not working in LB_FAILED wasn't investigated fully.



    Hope this helps,