Forum Discussion
NimbostratusProxypass issue
I have the latest proxypass irule configure on my f5, but I cannot get it to do what I want.
I want dev.suny.edu to be reverse proxied to myappserver.com:7900/security
So my data group is:
dev.suny.edu/security := scendawl3.sysadmin.suny.edu7900/security
Jan 10 08:47:17 local/tmm info tmm[5538]: Rule ProxyPass : VS=HTTP_DEV.SUNY.EDU, Host=dev.suny.edu, URI=/security/welcome.png: 200 response from http_DEV_suny_edu 141.254.104.151 80
Jan 10 08:47:17 local/tmm info tmm[5538]: Rule ProxyPass : VS=HTTP_DEV.SUNY.EDU, Host=dev.suny.edu, URI=/security/welcome.png: $stream_expression_cmd: STREAM::expression "@scendawl3.sysadmin.suny.edu:7900@dev.suny.edu/security@", $stream_enable_cmd: STREAM::enable
Jan 10 08:47:17 local/tmm info tmm[5538]: Rule ProxyPass : VS=HTTP_DEV.SUNY.EDU, Host=dev.suny.edu, URI=/security/welcome.png: Successfully configured and enabled stream filter
Jan 10 08:47:17 local/tmm info tmm[5538]: Rule ProxyPass : VS=HTTP_DEV.SUNY.EDU, Host=dev.suny.edu, URI=/security/welcome.png: Checking Location=, $protocol=
Jan 10 08:47:17 local/tmm info tmm[5538]: Rule ProxyPass : VS=HTTP_DEV.SUNY.EDU, Host=dev.suny.edu, URI=/security/welcome.png: Checking Content-Location=, $protocol=
Jan 10 08:47:17 local/tmm info tmm[5538]: Rule ProxyPass : VS=HTTP_DEV.SUNY.EDU, Host=dev.suny.edu, URI=/security/welcome.png: Checking URI=, $protocol=
Jan 10 08:47:19 local/tmm info tmm[5538]: Rule ProxyPass : VS=HTTP_DEV.SUNY.EDU, Host=dev.suny.edu, URI=/favicon.ico: No rule found, using default pool http_DEV_suny_edu and exiting
Jan 10 08:47:19 local/tmm info tmm[5538]: Rule ProxyPass : VS=HTTP_DEV.SUNY.EDU, Host=dev.suny.edu, URI=/favicon.ico: 200 response from http_DEV_suny_edu 141.254.104.151 80
Jan 10 08:47:19 local/tmm info tmm[5538]: Rule ProxyPass : VS=HTTP_DEV.SUNY.EDU, Host=dev.suny.edu, URI=/favicon.ico: Rewriting response content enabled, but disabled on this response.
Basically I end up at the Welcome to IIS7 page.
What am I missing?
- Alex
4 Replies
hoolioCirrostratus
Hi Alex,
Do you have a colon in the datagroup's value?
dev.suny.edu/security := scendawl3.sysadmin.suny.edu:7900/security
Can you show the logs for a client request to dev.suny.edu/security?
Thanks, Aaron
AlexDeMarcoYes sorry that was typoe in my post.. Yes there is a colon. When you say the logs for dev.suny.edu/security you mean from my IIS server? what is it seeing? So our IIS instances are setup to respond when a specific host header is recieved. So I have a website difined that will only respond with host header of dev.suny.edu. The fact that I get a 404 back says that the f5 is sending the request straight to the ip without the host header value.
- Alex
- hoolioSo the server requires dev.suny.edu as the host header. Is dev.suny.edu what the client is accessing the LTM virtual server with? If so, you shouldn't need to use ProxyPass.
Or does the server require scendawl3.sysadmin.suny.edu:7900 as the host header value it receives?
Thanks, Aaron - AlexDeMarco
the dawl3 box does not care about host header.
So this is what I am trying to solve.
On our IIS server where dev.suny.edu is we also have and Oracle 11g Proxy tool that is configured to reverse proxy various contexts /security for example to a back end oracle application server. I really want to take that task away from IIS.
Since dev.suny.edu is a vip/pool on the F5, it would be nice if the F5 could see the /securty request and just do the reverse proxy for me. THe browser client would only ever see dev.suny.edu/security. /security would be fulfillied by the application server (or another F5 vip) . Follow?
- Alex
