Forum Discussion

centur_140148's avatar
centur_140148
Icon for Nimbostratus rankNimbostratus
May 20, 2015

Problems with local traffic policies while using http-uri scheme or port conditions

A local traffic policy rule does not work:   I inserted a new local traffic policy:   requires: http controls: forwarding Then I added a policy rule with:   Operand:http-uri Event:reque...
application delivery
LTM
nitass's avatar
nitass
Icon for Employee rankEmployee
Jun 04, 2015

i understand http-uri's scheme is for proxy request.

 configuration

root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
    destination 172.28.24.10:80
    ip-protocol tcp
    mask 255.255.255.255
    policies {
        cpm1 { }
    }
    profiles {
        http { }
        tcp { }
    }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    vs-index 18
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool proxyp
ltm pool proxyp {
    members {
        172.28.24.1:3128 {
            address 172.28.24.1
        }
    }
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm policy cpm1
ltm policy cpm1 {
    controls { forwarding }
    requires { tcp http }
    rules {
        rule1 {
            actions {
                0 {
                    forward
                    select
                    pool proxyp
                }
            }
            conditions {
                0 {
                    http-uri
                    scheme
                    values { http }
                }
            }
            ordinal 1
        }
    }
    strategy first-match
}

 trace

[root@ve11a:Active:In Sync] config  ssldump -Aed -nni 0.0 port 80 or port 3128
New TCP connection 1: 192.168.206.117(50517) <-> 172.28.24.10(80)
1433405981.6632 (0.0036)  C>S
---------------------------------------------------------------
GET http://www.starbucks.com/ HTTP/1.1
Host: www.starbucks.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

---------------------------------------------------------------

New TCP connection 2: 172.28.24.14(50517) <-> 172.28.24.1(3128)
1433405981.6648 (0.0014)  C>S
---------------------------------------------------------------
GET http://www.starbucks.com/ HTTP/1.1
Host: www.starbucks.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

---------------------------------------------------------------