Hi All,New to IRules, and rewrites. Clients will type appname.domain.com, I need to redirect to another URL (working via IRule) that the server understands but keep the friendly name appname.domain.com in the browser post every response. Protocol is https already E3E. TYour help is appreciated. when HTTP_REQUEST {if { [HTTP::host] equals "appname.domain.com"} {if { [HTTP::path] equals "/" } {HTTP::redirect "https://longappname.com:port/something/something /something/etc/etc/etc.html"}}}

Mr__T So a few things stand out to me. First is that you don't want a redirect you would like a rewrite but in your rewrite it looks like you want to add on a port at the end of the host which shouldn't be necessary because your pool member should be listening on that port already. The last is whenever they hit just "/" as the URI do you want to redirect them to a specific path? So as an example of how I believe this works. User requests https://appname.domain.com/F5 responds with a redirect to https://appname.domain.com/something/something/something/etc/etc/etc.htmlUser now requests https://appname.domain.com/something/something/something/something/etc/etc/etc.htmlF5 rewrites appname.domain.com to longappname.comF5 sends request to server on https://longappname.com/something/something/something/etc/etc/etc.htmlResponse comes back from server and F5 rewrites longappname.com to appname.domain.comF5 sends response back to client for https://appname.domain.com/something/something/something/etc/etc/etc.html If for some reason I did not understand this correctly can you provide additional information as to how it has to function?

HTTP::redirect will effectively redirect the client to the new location, and will change the url in the browser. What you need is to replace the host header in the pool side of the connection as described here https://clouddocs.f5.com/api/irules/HTTP__host.html when HTTP_REQUEST { # Check if requested host doesn't start with www.example.com if {not ([string tolower [HTTP::host]] starts_with "www.example.com")}{ # Replace the host header value with newhost.example.com HTTP::header replace Host "newhost.example.com" } } And to replace the path with another path without redirection, this is described here https://my.f5.com/manage/s/article/K02027845 : when HTTP_REQUEST { if { [HTTP::uri] starts_with "/sometext" } { set uri [string map -nocase {"/sometext" "/newtext"} [HTTP::uri]] HTTP::uri $uri } }

You don't need to specify https nor the port on the host header, cause those are specified elsewhere, https is by using a ssl servers profile and the port is at the pool member. Alsop testing if uri starts with / is useless since all uris stars with /. If I understand correctly your requirement, why not first redirecting user to target path, then doing just the host replacement. Something like this that : when HTTP_REQUEST { if { [HTTP::uri] equals "/"} { HTTP::redirect "https://[HTTP::host]/your/full/path/something.html" } else { HTTP::header replace Host ServerName.Domain.com } }

There is no host header in the responses since it is a request header in http. So as long as you connect to the right ip and port of the backend server, and you have the correct host header in the request from F5 (since you handled that with the replace header command), you should get the answer from the server. This answer will then be sent to to the client from F5, and this should be transparent for the client unless you have some redirection happening in the server itself thats is redirecting to the real server name because F5 by default is forwarding these kind of redirections to the client. This can be checked on the client using F12 developer tools. If that is the case, there is solution for that (redirect rewrite)

Mr__T Do you have the output of the redirect coming from the server so we can see what needs to be adjusted?

Irule Vs rewrite - FQDN hostname

Paulius
MVP
Feb 23, 2023
Mr__T So a few things stand out to me. First is that you don't want a redirect you would like a rewrite but in your rewrite it looks like you want to add on a port at the end of the host which shouldn't be necessary because your pool member should be listening on that port already. The last is whenever they hit just "/" as the URI do you want to redirect them to a specific path? So as an example of how I believe this works.

User requests https://appname.domain.com/
F5 responds with a redirect to https://appname.domain.com/something/something/something/etc/etc/etc.html
User now requests https://appname.domain.com/something/something/something/something/etc/etc/etc.html
F5 rewrites appname.domain.com to longappname.com
F5 sends request to server on https://longappname.com/something/something/something/etc/etc/etc.html
Response comes back from server and F5 rewrites longappname.com to appname.domain.com
F5 sends response back to client for https://appname.domain.com/something/something/something/etc/etc/etc.html

If for some reason I did not understand this correctly can you provide additional information as to how it has to function?
- Mr__T
  Cirrus
  Feb 23, 2023
  Hi Paulius,
  The long URL is what the app has hardcoded and will only respond to that URL. So my goal was to make sure the client only sees the frienly name after the redirects happen. I tried rewrite policies but the IRule seems to be the way to go. The redirect to he long URL works fine, but they dont want to see the servername rather FQDN.
  Does this make sense?
- Mr__T
  Cirrus
  Mar 13, 2023
  Hi Paulius
  
  Thanks for the reply.
  When i tried the re-write it did not work as exected.
  User request https://FQDN.
  The backend server/pool member is expecting https://servername:port/something/something. and wont respond to https://FQDN
  I need the browser to always return https://FQDN and not the https://Servername
  Does this make sense?
  - Paulius
    MVP
    Mar 13, 2023
    Mr__T If your pools have multiple pool members I do not believe this will be possible because you will require mapping a single FQDN to multiple server names depending on the pool member that you are sent to. Your best bet here would be to work with the server/app admins to see if they have a way of changing what they expect for the host and path. Typically all of this can be done at the server level instead of performing a bandaid at the F5 which in some cases such as yours will not work because of the single FQDN to many names issue.
Amine_Kadimi
MVP
Feb 23, 2023
HTTP::redirect will effectively redirect the client to the new location, and will change the url in the browser. What you need is to replace the host header in the pool side of the connection as described here https://clouddocs.f5.com/api/irules/HTTP__host.html

when HTTP_REQUEST { # Check if requested host doesn't start with www.example.com if {not ([string tolower [HTTP::host]] starts_with "www.example.com")}{ # Replace the host header value with newhost.example.com HTTP::header replace Host "newhost.example.com" } }

And to replace the path with another path without redirection, this is described here https://my.f5.com/manage/s/article/K02027845 :

when HTTP_REQUEST { if { [HTTP::uri] starts_with "/sometext" } { set uri [string map -nocase {"/sometext" "/newtext"} [HTTP::uri]] HTTP::uri $uri } }
- Mr__T
  Cirrus
  Feb 23, 2023
  Hi Amine_Kadimi
  Would I create 2 separate irules?
  - Amine_Kadimi
    MVP
    Feb 23, 2023
    Sorry for the ambiguous reply. No you can do it with one iRule and one when HTTP_REQUEST block containing all the replacement logic you need.
    
    Two iRules can work too but there is no need to go this way in your case.

Forum Discussion

Irule Vs rewrite - FQDN hostname

Recent Discussions

how to whitelist new source IP on F5 web UI access

F5 to read a combined CRL file

Upgrade F5 BIGIP

ISP Load Balancing, SNAT pool instead of Automap link self-ip, anyway to do health check ?

MAC address of deleted VS IP address still responsive

Related Content

Need assistance rewriting a hostname and appending a uri.

Short iRule rewrite for efficiency/readability

IRULE for rewrite hostname and port

Rewrite URI in multiple places

APM: URI rewrite engine

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS