sundogbrew
Apr 21, 2014

redirect based on port

I have an application that already has a URL and needs to migrate to the F5. The way it is set up, you go to the URL and get one application, and if you go to the URL:port you get a second application. So I would like to write an iRule that would take newapp.com and send it to one pool, and take newapp.com:8080 and send it to another pool. It will start out with only one port but could be more before you know it. I did something similar, but it was with a "/"; the ":" seems to be giving me trouble. Thanks Joe

 

5 Replies

  • You wouldn't necessarily have to use iRules. You could just create separate virtual servers for each TCP port you wish to serve content for. All virtual servers can use the same IP address, but can listen on different ports, and each one can use its own unique pool.

     

  • Cory, I may not understand what you are saying. Are you saying create two virtual hosts, one on say 80 and one on 81? I need the actual URL to be https. I might not have made that clear. So it would answer on 443 and forward to a pool, and if they followed up with a port it would go to a different pool: https://newapp.com first_pool, https://newapp.com:8080 second_pool. Thanks Joe

     

  • I was saying to use two virtual servers, but if everything is coming in on 443...

     

    You can build an iRule to direct to certain pools based on the TCP port specified. However, I'm not understanding how your clients are going to be directed to use a port other than 443. Will this be a redirect from the server? In order to best advise you on how to set things up, I wanted to get a better idea of how your environment is working or how you intend for it to work.

     

  • e.g.

     config
    
    root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
    ltm virtual bar {
        destination 172.28.24.10:0
        ip-protocol tcp
        mask 255.255.255.255
        profiles {
            clientssl {
                context clientside
            }
            http { }
            tcp { }
        }
        rules {
            qux
        }
        source 0.0.0.0/0
        source-address-translation {
            type automap
        }
        vs-index 16
    }
    
    root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
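    ltm rule qux {
        # Pick the pool from the port the client connected to on the virtual server
        when CLIENT_ACCEPTED {
            switch [TCP::local_port] {
                443 {
                    pool first_pool
                }
                8080 {
                    pool second_pool
                }
                default {
                    # do something (placeholder: handling for any other port goes here)
                }
            }
        }
        # Rebuild the requested URL so it can be written to the log
        when HTTP_REQUEST {
            set url "https://[HTTP::host][HTTP::uri]"
        }
        # Log which pool and server each connection ended up on
        when SERVER_CONNECTED {
            log local0. "client=[IP::client_addr]:[TCP::client_port] vs=[clientside {IP::local_addr}]:[clientside {TCP::local_port}] url=$url pool=[LB::server pool] server=[IP::server_addr]:[TCP::server_port]"
        }
    }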
    
    root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool first_pool
    ltm pool first_pool {
        members {
            200.200.200.101:80 {
                address 200.200.200.101
            }
        }
    }
    root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool second_pool
    ltm pool second_pool {
        members {
            200.200.200.111:80 {
                address 200.200.200.111
            }
        }
    }
    
     /var/log/ltm
    
    [root@ve11a:Active:In Sync] iproute2  tail -f /var/log/ltm
    Apr 21 22:45:05 ve11a info tmm[13593]: Rule /Common/qux : client=172.28.24.1:60607 vs=172.28.24.10:443 url=https://newapp.com/something pool=/Common/first_pool server=200.200.200.101:80
    Apr 21 22:45:20 ve11a info tmm[13593]: Rule /Common/qux : client=172.28.24.1:56450 vs=172.28.24.10:8080 url=https://newapp.com:8080/something pool=/Common/second_pool server=200.200.200.111:80
    
  • Thank you guys for your response. I may not need to do this, it may get changed on the developer side. We shall see. Thanks Joe
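
Because the virtual server in the reply above listens on port 0 (every port), the log line written by rule qux can be used to confirm that only the intended ports are being served and that each one lands on the right pool. The following is an added example, not part of the original thread: the port-to-pool map and log format are taken from the posted rule and log output, the last two sample lines are constructed, and the names `audit`, `EXPECTED_POOL` and `SAMPLE` are hypothetical.

```python
import re

# Port-to-pool mapping taken from the switch statement in rule qux.
EXPECTED_POOL = {443: "/Common/first_pool", 8080: "/Common/second_pool"}

# Matches the line written by the rule's SERVER_CONNECTED log statement.
LINE_RE = re.compile(
    r"Rule (?P<rule>\S+) : client=(?P<client>\S+) "
    r"vs=(?P<vs_ip>[\d.]+):(?P<vs_port>\d+) url=(?P<url>\S+) "
    r"pool=(?P<pool>\S*) server=(?P<server>\S+)"
)


def audit(lines):
    """Return (line_number, reason, fields) for each entry that breaks the mapping."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = LINE_RE.search(line)
        if not m:
            continue  # not a log line produced by this rule
        fields = m.groupdict()
        port = int(fields["vs_port"])
        if port not in EXPECTED_POOL:
            # The port-0 listener accepted a port the rule was never meant to serve.
            findings.append((n, "unexpected listener port", fields))
        elif fields["pool"] != EXPECTED_POOL[port]:
            findings.append((n, "port routed to wrong pool", fields))
    return findings


# Lines 1-2 are the log entries shown in the thread; lines 3-4 are constructed.
SAMPLE = [
    "Apr 21 22:45:05 ve11a info tmm[13593]: Rule /Common/qux : client=172.28.24.1:60607 vs=172.28.24.10:443 url=https://newapp.com/something pool=/Common/first_pool server=200.200.200.101:80",
    "Apr 21 22:45:20 ve11a info tmm[13593]: Rule /Common/qux : client=172.28.24.1:56450 vs=172.28.24.10:8080 url=https://newapp.com:8080/something pool=/Common/second_pool server=200.200.200.111:80",
    "Apr 21 22:46:02 ve11a info tmm[13593]: Rule /Common/qux : client=172.28.24.1:51234 vs=172.28.24.10:8443 url=https://newapp.com:8443/something pool=/Common/first_pool server=200.200.200.101:80",
    "Apr 21 22:46:30 ve11a info tmm[13593]: Rule /Common/qux : client=172.28.24.1:51300 vs=172.28.24.10:8080 url=https://newapp.com:8080/something pool=/Common/first_pool server=200.200.200.101:80",
]

if __name__ == "__main__":
    for n, reason, fields in audit(SAMPLE):
        print(f"line {n}: {reason}: vs port {fields['vs_port']} -> {fields['pool']}")
```
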