Forum Discussion

jgrohol_43248's avatar
jgrohol_43248
Icon for Nimbostratus rankNimbostratus
Jun 28, 2010

Port Translation

I've been struggling all day with this one... I have two separate problems and not sure if they are related.

 

 

1. I have a VS configured to listen on an IP and on port HTTP 80. I have it attached to a pool with a few webservers in it. The webservers are serving on port TCP 8080 instead. I have the "Port Translation" checkbox checked under the VS settings. It appears that it is not working.

 

 

2. The URL that points to that VIP is "http://test1.phly.net". When you hit that URL and it gets passed along to the pool member, the server replies with an HTTP 301 redirect and replies with its own hostname instead "http://server1.phly.net". We want to find when a 301 redirect comes in and replace the hostname with the original URL of "http://test1.phly.net". I've been working with iRules but couldn't really get anything working as of yet. One of the problems in the iRule is that we don't want to statically set what to swap out in the HTTP Header. This needs to be dynamic because of all of the possible pool members that it can have.

 

 

Any ideas or suggestions?

 

 

I'm on version 10.1.0.

 

application delivery
dev
devops
iRules
  • Michael_Yates's avatar
    Michael_Yates
    Icon for Nimbostratus rankNimbostratus
    Jun 28, 2010
    You will need to find what is sending the 301 Redirect (sounds like the server(s)) and stop it there.

    This should capture the redirect from the server and change the "server1" value to "test1". If the server is indeed sending this redirect back to the requestor, then this iRule will create and endless loop between the two. 

    
when HTTP_RESPONSE {
if { [HTTP::is_redirect] } {
HTTP::header replace Location [ string map  {"server1" "test1"} [HTTP::header Location] ]
}
}
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Jun 28, 2010
    Port translation is fairly bullet proof. I'd guess the issue is not with the port translation, but with the application's references to itself within the HTTP.

    Here's something to start with to replace the domain in redirects. If this doesn't fix all of the issues, try using a browser plugin like HttpFox for Firefox or Fiddler for IE to check the web app response headers and/or payloads. 

    
when HTTP_RESPONSE {

    Check if response is a redirect
   if {[HTTP::is_redirect]}{

       Replace the hostname in the Location header with the external FQDN
      HTTP::header replace Location "[string map -nocase [URI::host [HTTP::header Location]] test1.phly.net" [HTTP::header Location]]
   }
}

    Aaron
  • jgrohol_43248's avatar
    jgrohol_43248
    Icon for Nimbostratus rankNimbostratus
    Jun 29, 2010
    Michael I was using that same iRule to test, the only problem is I'd have to statically define the server hostnames to replace. I want to keep that part dynamic so I don't have to update the iRule everytime they add a server to the pool.

     

     

    Aaron, I like your script because it's grabbing the host by URI::host, but that iRule doesn't seem to be working. I also ran into a syntax error when I tried it.
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Jun 29, 2010
    Sorry, it was a misplaced double quote. Can you try this: 

    
when HTTP_RESPONSE {

    Check if response is a redirect
   if {[HTTP::is_redirect]}{

       Replace the hostname in the Location header with the external FQDN
      HTTP::header replace Location [string map -nocase "[URI::host [HTTP::header Location]] test1.phly.net" [HTTP::header Location]]
   }
}

    Aaron
  • jgrohol_43248's avatar
    jgrohol_43248
    Icon for Nimbostratus rankNimbostratus
    Jun 29, 2010
    That worked...

    I've added to it to make it even more dynamic. I'm grabbing the FQDN from the HTTP request and changing the hostname to it. 

    when HTTP_REQUEST {
set ext_fqdn "[HTTP::host]"
}

when HTTP_RESPONSE {

    Check if response is a redirect
   if {[HTTP::is_redirect]}{

       Replace the hostname in the Location header with the external FQDN
      HTTP::header replace Location [string map -nocase "[URI::host [HTTP::header Location]] $ext_fqdn" [HTTP::header Location]]
   }
}
  • jgrohol_43248's avatar
    jgrohol_43248
    Icon for Nimbostratus rankNimbostratus
    Jun 29, 2010
    I also had a question... Isn't this iRule the same thing as changing the "Redirect Rewrite" under the Profile?
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Jun 29, 2010
    Nice work.

     

     

    With the Redirect Rewrite option on an HTTP profile, you can rewrite http:// to https:// or the node address to the VS address. But you can't replace the hostname in a redirect with the VS address or the hostname the client requested.

     

     

    Aaron
  • jgrohol_43248's avatar
    jgrohol_43248
    Icon for Nimbostratus rankNimbostratus
    Jun 29, 2010
    Ok. Thanks for that explanation.

     

     

    So the code we are working with above only works in Firefox. IE gives me a page cannot be displayed and Google Chrome just shows me nothing. Firefox works like a champ though. ???
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Jun 29, 2010
    Do you see any errors in /var/log/ltm when testing with IE or Chrome? Can you use a browser plugin like Fiddler to see which request the failure is occurring on?

     

     

    Aaron
  • jgrohol_43248's avatar
    jgrohol_43248
    Icon for Nimbostratus rankNimbostratus
    Jun 29, 2010
    Well here's the crazy part. In the end they want to replace the hostname in the redirect to keep the common URI. They also want the VIP to be on port HTTP 80 while the backend pool servers are on port 8080. I just changed my VS to listen on 80 instead of 8080 and wham. All 3 browsers now work with the port translation and the hostname change in the iRule we made. Weird. Not sure why doing the port translation "fixed" the other browser problems.