Keep Connection open on redirect

Question

I have a 443 VS that keeps the connections open and reuse them when needed. I have a 80 VS that redirects to 443 but it always closes the connection after each connection. How can I keep the connection open when going to 80 and redirecting to 443? I have a simple redirection iRule&nbsp;
when HTTP_REQUEST {&nbsp;
      HTTP::respond 301 Location "https://[HTTP::host][HTTP::uri]"&nbsp;
}  
&nbsp;
curl -IL https://clients.F5.com  
&nbsp;
HTTP/1.1 302 Found&nbsp;
Cache-Control: private&nbsp;
Content-Length: 162&nbsp;
Content-Type: text/html; charset=utf-8&nbsp;
Location: https://clients.f5.com//login/default.aspx&nbsp;
X-Frame-Options: SAMEORIGIN&nbsp;
Strict-Transport-Security: max-age=31536000&nbsp;
Set-Cookie: F5Sess=srjdlx4kzsu3jgodl4vnxmim; path=/; secure; HttpOnly&nbsp;
X-Powered-By: ASP.NET&nbsp;
Strict-Transport-Security: max-age=31536000&nbsp;
SERVER:&nbsp;
Date: Tue, 20 Sep 2016 19:13:13 GMT  
&nbsp;
HTTP/1.1 301 Moved Permanently&nbsp;
Cache-Control: private&nbsp;
Content-Length: 165&nbsp;
Content-Type: text/html; charset=utf-8&nbsp;
Location: https://login.F5.com/en-us/login/Default.aspx&nbsp;
X-Frame-Options: SAMEORIGIN&nbsp;
Strict-Transport-Security: max-age=31536000&nbsp;
Set-Cookie: F5Sess=me5sjh4v4mdnobkbnx24iryy; path=/; secure; HttpOnly&nbsp;
X-Powered-By: ASP.NET&nbsp;
Strict-Transport-Security: max-age=31536000&nbsp;
SERVER:&nbsp;
Date: Tue, 20 Sep 2016 19:13:13 GMT  
&nbsp;
HTTP/1.1 200 OK&nbsp;
Cache-Control: private&nbsp;
Content-Length: 49534&nbsp;
Content-Type: text/html; charset=utf-8&nbsp;
X-Frame-Options: DENY&nbsp;
Set-Cookie: F5LoginSess=; expires=Mon, 19-Sep-2016 19:13:14 GMT; path=/; secure; HttpOnly&nbsp;
Set-Cookie: ASP.NET_SessionId=; expires=Mon, 19-Sep-2016 19:13:14 GMT; path=/; secure; HttpOnly&nbsp;
Set-Cookie: F5Sess=; expires=Mon, 19-Sep-2016 19:13:14 GMT; path=/; secure; HttpOnly&nbsp;
Set-Cookie: F5ConnSess=; expires=Mon, 19-Sep-2016 19:13:14 GMT; path=/; secure; HttpOnly
Date: Tue, 20 Sep 2016 19:13:13 GMT  
&nbsp;

curl -IL clients.F5.com  
&nbsp;
HTTP/1.0 301 Moved Permanently&nbsp;
Location: https://clients.F5.com/&nbsp;
Server: BigIP&nbsp;
Connection: Keep-Alive&nbsp;
Content-Length: 0  
&nbsp;
HTTP/1.1 302 Found&nbsp;
Cache-Control: private&nbsp;
Content-Length: 162&nbsp;
Content-Type: text/html; charset=utf-8&nbsp;
Location: https://clients.F5.com//login/default.aspx&nbsp;
X-Frame-Options: SAMEORIGIN&nbsp;
Strict-Transport-Security: max-age=31536000&nbsp;
Set-Cookie: F5Sess=qc0yfggejzly1lukn5daw2qg; path=/; secure; HttpOnly&nbsp;
X-Powered-By: ASP.NET&nbsp;
Strict-Transport-Security: max-age=31536000&nbsp;
SERVER:&nbsp;
Date: Tue, 20 Sep 2016 19:15:25 GMT&nbsp;
Connection: close  
&nbsp;
HTTP/1.1 301 Moved Permanently&nbsp;
Cache-Control: private&nbsp;
Content-Length: 165&nbsp;
Content-Type: text/html; charset=utf-8&nbsp;
Location: https://login.F5.com/en-us/login/Default.aspx&nbsp;
X-Frame-Options: SAMEORIGIN&nbsp;
Strict-Transport-Security: max-age=31536000&nbsp;
Set-Cookie: F5Sess=owdyyxsu4lrzx1ousa4uyspe; path=/; secure; HttpOnly&nbsp;
X-Powered-By: ASP.NET&nbsp;
Strict-Transport-Security: max-age=31536000&nbsp;
SERVER:&nbsp;
Date: Tue, 20 Sep 2016 19:15:25 GMT&nbsp;
Connection: close  
&nbsp;
HTTP/1.1 200 OK&nbsp;
Cache-Control: private&nbsp;
Content-Length: 49534&nbsp;
Content-Type: text/html; charset=utf-8&nbsp;
X-Frame-Options: DENY&nbsp;
Set-Cookie: F5LoginSess=; expires=Mon, 19-Sep-2016 19:15:25 GMT; path=/; secure; HttpOnly&nbsp;
Set-Cookie: ASP.NET_SessionId=; expires=Mon, 19-Sep-2016 19:15:25 GMT; path=/; secure; HttpOnly&nbsp;
Set-Cookie: F5Sess=; expires=Mon, 19-Sep-2016 19:15:25 GMT; path=/; secure; HttpOnly&nbsp;
Set-Cookie: F5ConnSess=; expires=Mon, 19-Sep-2016 19:15:25 GMT; path=/; secure; HttpOnly&nbsp;
Date: Tue, 20 Sep 2016 19:15:25 GMT&nbsp;
Connection: close  &nbsp;

vijay_e · Answer

Who is sending the TCP connection close FIN flag ? Client or F5 ? You should be able to identify this by doing a tcpdump. I am guessing the client browser is closing the connection once a redirect is received.

tatmotiv · Answer

Why would you want to keep the tcp connection to port 80 open after the redirect? In most cases (if the service is configured properly), there will not be any further http requests to port 80 as the redirection already has happened. All subsequent requests should go to port 443, which of course can only be handled in a separate tcp connection due to the changed destination port.

kai_wilke · Answer

Hi Rjones,
there is no relationship between the HTTP and HTTP Virtual Servers. You can savely close the connection on HTTP without getting any side effecs for the subsequent HTTPS request.
I guess its just CURL that tricks you out and send slightly different request for curl -IL https://clients.F5.com and curl -IL clients.F5.com. 
You could issue a curl -v -IL https://clients.F5.com and curl -v -IL clients.F5.com to see any differenced in CURLs request headers.
Cheers, Kai

Forum Discussion

Keep Connection open on redirect

3 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Failing over Virtual F5 VE to DR location using Zerto

Failing over of a Virtual F5 configuration to another location using Zerto restore process

F5 Networks F5CAB1 Exam - Need Help Regarding Prep

Username is not filled in EdgeClient in the Modern customization

The GSLB pool is providing an incorrect IP to end users

Related Content

F5 HTTPS Redirect 2025

Site-to-Site Connectivity in F5 Distributed Cloud Network Connect – Reference Architecture

F5 Distributed Cloud Kubernetes Integration: Securing Services with Direct Pod Connectivity

AWS Transit Gateway Connect: GRE + BGP = ?

DevCentral Connects Recap: Open Finance, APIs, AI & Security

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS