ProxyPass Irule --- reverse proxy

Hi Abhay,

 

 

Have you had a chance to read the instructions on the ProxyPass v10 Codeshare page (Click here?

 

 

I think the details there are very comprehensive. If you try something and it doesn't work, you can enable debug in the RULE_INIT event and check the /var/log/ltm output. If you want help interpreting the logs, you can reply here with your configuration and the log output.

 

 

Aaron

Can you try copying the most recent version of the v10 ProxyPass iRule? I made some minor edits to it recently that may have fixed this error you're encountering.

 

 

Thanks,

 

Aaron

Hi Aaron:

 

 

Thanks! Now its work for me only one uri and not for others.

 

 

Kindly find the below log files.

 

 

(Working for /mpso/dar/)

 

 

Nov 11 11:11:45 local/tmm1 info tmm1[2581]: Rule ProxyPassIOC : IOC: 114.143.222.162:4045 -> 10.146.64.250:80

 

Nov 11 11:11:45 local/tmm1 info tmm1[2581]: Rule ProxyPassIOC : VS=IOC, Host=webapp.indianoil.co.in, URI=/favicon.ico: No rule found

 

Nov 11 11:11:45 local/tmm1 info tmm1[2581]: Rule ProxyPassIOC : VS=IOC, Host=webapp.indianoil.co.in, URI=/favicon.ico: Rewriting response content enabled, but disabled on this response.

 

 

(Not working for /bpso/dar/)

 

 

Nov 11 11:12:53 local/tmm1 info tmm1[2581]: Rule ProxyPassIOC : IOC: 114.143.222.162:4641 -> 10.146.64.250:80

 

Nov 11 11:12:53 local/tmm1 info tmm1[2581]: Rule ProxyPassIOC : VS=IOC, Host=webapp.indianoil.co.in, URI=/bpso/dar/: No rule found

 

Nov 11 11:12:53 local/tmm1 info tmm1[2581]: Rule ProxyPassIOC : VS=IOC, Host=webapp.indianoil.co.in, URI=/bpso/dar/: Rewriting response content enabled, but disabled on this response.

 

 

I hav added below string entries in the external files.

 

"/mpso/dar/" := "10.132.32.36/mpso/dar/ dar_mpso",

 

"/bhso/dar/" := "10.68.64.34/bhso/dar/ dar_bhso",

 

 

Kindly let me know if any thing wrong in my config?

 

 

 

Regards,

 

Abhay

 

 

 

 

 

 

The first request in the logs you posted was a request for /favicon.ico which didn't match any proxypass rule from the configuration datagroup. The second request was for /bpso/dar/ which is not configured in the datagroup either.

 

 

For the first proxypass rule you listed in your original post, you have:

 

 

ProxyPass /upso1/dar/ http://10.38.32.35/upso1/dar/

 

 

Do you really want the Host header rewritten from what the client requested to 10.38.32.35 for every request to /upso1/dar/? Are you load balancing the request? If so, the server probably wouldn't be configured for another IP address it's not listening on.

 

 

If you do want the host header rewritten to the IP address, then the first rule you have listed in the proxypass datagroup should do that. Can you make a request to the VIP with a URI starting with /mpso/dar/ and see if it matches the first rule you have listed in the proxypass datagroup? The request should then have the Host header rewritten to 10.132.32.36 and be sent to the dar_mpso pool.

 

 

Aaron

Hi all

 

 

One of our web service is using Apache reverse proxy, and the same is migrating to LTM. Checked "ProxyPass" v10 i-rule, it is too big to understand :(

 

 

Can you please share if you have a simple code which is specific to proxy pass rewrites

 

 

/directories/ http://kel-internal.abc.com:7125/directories/

 

 

...fLy

 

Hi Fly,

 

 

Have you tried using the latest proxypass version and setting up a string datagroup with this format:

 

 

name: /directories/ value: kel-internal.abc.com:7125/directories/

 

 

If that doesn't work, try setting static::ProxyPassDebug to 2, test and check /var/log/ltm for the debug logging.

 

 

Aaron

Or if you're just trying to map requests to /directories/ to a separate pool, you could use an iRule like this:

when CLIENT_ACCEPTED {
     Save the name of the VS default pool
    set default_pool [LB::server pool]
}
when HTTP_REQUEST {
     Check the requested URI
    switch -glob [HTTP::uri] {
        "/directories/*" {
            pool directories_pool
        }
        default {
            pool $default_pool
        }
    }
}

Aaron

The VS is configured with ip addeess 10.0.0.1 port 80. Pool members are listening on port 8443.

 

 

The rewrite should be done in such a way that rewritten url

 

 

/directory/ http://10.0.0.1:8123/directory.

 

 

Bit confuced on thiss point, VS is listening on its external interface & new url is on the same ip as that of VS with loadbalancing is required as pool member is also listening on 8123. :(

Just to add, Is there anything to modify in the proxypass irule other than the datagroup

I don't think you shouldn't need ProxyPass for this. By default (destination) address and port translation is enabled on the virtual server.

 

 

Do you need to send requests for /directory/* to a separate server than all other requests? If so you should be able to use an iRule like the one I posted above to select a separate pool.

 

 

If that's not accurate for you, can you clarify what you want non-/directory/ request sent to? Do you need to rewrite the host header value as well?

 

 

Aaron