Forum Discussion
teguh_wilidarma
Nimbostratus
NimbostratusiRule HTTP redirection - one server multiple instance
Hi, I was digging through this forum and found several similar cases like mine, but I am still very newbie on how iRule commands interact with VS and pool member selection. Moreover, I havent managed to found any case that have the pool member running multiple instances of service. hope the wisemen here can help:
My customer is implementing a trading application which consists of more than one module, but running on the same machine (one web server running multiple instance):
for FE module:
1. forward "http://front_web" to "webserver_ip" at port 2020
2. forward "https://front_web/servlet/LiveGiverServlet" to "webserver_ip"at port 2025
for TR module:
1. forward "http://tr_web" to "webserver_ip" at port 4020
2. forward "https://tr_web/servlet/LiveGiverServlet" to "webserver_ip" at port 4025
I am thinking of when: HTTP_REQUEST , match condition: HTTP::host, and statement is HTTP::redirect to port something, and in "if" command.
But I can not think of how the traffic will flow as the irule is INSIDE virtual server, and the virtual server is listening on a particular IP address and service port. is it possible to create a single vs with 2 port to listen to (2020 and 2025 for FE module, 4020 and 4025 for TR module) ?
Is there a better way to do the task?
Thanks all
Teguh
teguh_wilidarmaI don't know, will this work?
example for FE module:
when HTTP_REQUEST {
if { [HTTP::host] equals "www.front.com"} {
[HTTP::redirect] http://[HTTP::host]:2020
} elseif { [HTTP::host] equals "https://www.front.com" and [HTTP::uri] equals "/servlet/LiveGiverServlet"} {
[HTTP::redirect] http://[HTTP::host]:2025
}
}
VS for FE module listen on port : 2020 and 2025
Regards
Teguh- teguh_wilidarmaYes that's correct Stefan, thank u for your reply.
my explanation will be:
there are two public IP: one for FE and one for TR.
There will be two behaviour for FE module:
if it is plain http, then change destination port to 2020
it it is https://.../servlet/LiveGiverServlet, change destination port to 2025.
Same goes with TR module.
Thanks
Teguh - teguh_wilidarmahttp goes to 2020/4020, https with different URI goes to 2025/4025
Cheers - teguh_wilidarmaMy apology Stefan, do you mean that in HTTPS (with SSL), if not terminated on the LTM, then it can not read the URI?
My customer request is simply stating that when a user is accessing the front-end server using HTTPS and with that spesific URI, the LTM should load balance to pool member using port 2025.
I will discuss deeper to my customer to ask what happens if the user is only entering https://front. Is that what you referring Stefan?
Many thanks
Teguh - Hi guys,
what do you think about using a "switch" statement instead of "if" statements.
Shouldn´t this improve the performance!?
Probably not to much in this case but in much longer examples.
Cheers, Sven 
hooleylistCirrostratus
Hi Sven,
You could use a switch statement. It shouldn't make a big difference, but it's a bit cleaner:when HTTP_REQUEST { switch [HTTP::host] { "front_web" { if { [string tolower [HHTP::uri]] starts_with "/servlet/livegiverservlet" } { pool poolname_2025 } else { pool poolname_2020 } } "tr_web" { if { [string tolower [HHTP::uri]] starts_with "/servlet/livegiverservlet" } { pool poolname_4025 } else { pool poolname_4020 } } } }
Aaron- teguh_wilidarmaPosted By hoolio on 02/08/2011 08:03 AM Hi Sven,
You could use a switch statement. It shouldn't make a big difference, but it's a bit cleaner:when HTTP_REQUEST { switch [HTTP::host] { "front_web" { if { [string tolower [HHTP::uri]] starts_with "/servlet/livegiverservlet" } { pool poolname_2025 } else { pool poolname_2020 } } "tr_web" { if { [string tolower [HHTP::uri]] starts_with "/servlet/livegiverservlet" } { pool poolname_4025 } else { pool poolname_4020 } } } }
Aaron
Hi hoolio, what is the difference between "switch" and "if" command? My ref is only the conf guide for LTM and I found no switch command in it. also, the string tolower? could you help explain a quick brief of these commands?
One more question hoolio, if the user is accessing through port 80, and then we state in the vs settings that the vs port is 80, but in the pool member in that vs is (some_IP):2020, would LTM change the destination port into 2020 or it stays in 80?
@Stefan, they say it will be dropped. The client program in the user's PC will only generate that particular URI with https.
Thanks - hooleylistHere are a few articles and man pages for the various commands:
How to Write Fast iRules
http://devcentral.f5.com/wiki/default.aspx/iRules/HowToWriteFastRules.html
switch TCL and Devcentral man pages
http://www.tcl.tk/man/tcl8.4/TclCmd/switch.htm
http://devcentral.f5.com/wiki/default.aspx/iRules/switch
if TCL man page:
http://www.tcl.tk/man/tcl8.4/TclCmd/if.htm
string TCL man page:
http://www.tcl.tk/man/tcl8.4/TclCmd/string.htm
'string tolower $my_string' returns the $my_string value in lower case. It's used primarily for doing case insensitive comparisons. HTTP paths in IIS are not case sensitive. Host names should always be treated as case insensitive for any application platform. I assume with servlets that you're not on an IIS platform. If you're on a Java based platform, you should be able to leave the case alone and use a case sensitive comparison.
If you have 'port translation' enabled on the virtual server properties, LTM will translate the destination port from the virtual server port to the pool member port. This is enabled by default on all but port 0 (any) virtual servers.
Aaron - teguh_wilidarmaThank you very much Aaron
- teguh_wilidarmaBtw Aaron, if you look at my first question, the web server is only one, with multiple instance. And for each instance, there will be two conditions. If http, then forward to the server using 2020, if it is https with particular URI, forward to the server using 2025. If I create only one VS for each module, how do I tell LTM to fulfil the second requirement? I am thinking that the VS for that server is only listening on port 80, and for the 443, I need to create another VS with the same server IP but listen on port 443. The member will be the same for both VS. Is it possible? what do you think Aaron?
Thanks before
