Forum Discussion

Steve_15498's avatar
Icon for Nimbostratus rankNimbostratus
Oct 11, 2011

Redirect or Reverse Proxy or ??

I'm extremely new to the F5 community and fairly new to NLB in general..



I've got a secure web site live at one datacenter and we'll be moving this to a new data center behind an LTM and getting a new external IP. We have a 99% uptime SLA on this site.



Rather than dealing with DNS propagation and using a forwarder at the existing/old site post cut over. I was told by a coworker that we could do a relay or redirect at the new site with a web server and possibly with the F5 LTM allowing us to update the DNS record at any point prior to the cutover.



I was hoping someone here could help direct me not only with the correct terminology for this technology, but if and how it would work with the LTM.



My coworker calls it a relay, I've asked my dev guys and they're only familiar with redirects..



We need the host header to remain the same to prevent certificate issues prior to the cut over and to make the transition as seamless as possible with 0 downtime.



Thanks in advance..


3 Replies

  • Colin_Walker_12's avatar
    Historic F5 Account



    I'm not 100% clear on what you're trying to achieve. You have 2 DCs, one app. That app is hosted in DC1 and is going to be moving to DC2, behind an LTM. That much I'm clear on.



    What is it you want to do within DC2 and the LTM to help facilitate the swing exactly?



  • I was hoping to configure a "redirect" or "proxy" to point back to the other IP address at DC1. So I could make my DNS update to point to the IP address at DC2 and have the LTM direct traffic back to DC1 until the cutover date.



    My understanding of a standard redirect is that it alters the URL or header from to (redirected URL). This would cause a problem with the SSL cert not matching the header of



    Maybe it's done easier by registering an additional DNS name. I just was told that a relay was possible, but I'm not familiar or finding much on a relay function of IIS or the LTM.



    I hope I'm making sense.. I start to confuse myself and I'm usually a pretty savvy guy.
  • Hi Steve,



    I think I understand what you are after following your second explanation, but correct me if I am wrong. Do you you want your traffic to go like this:



    DNS -> IP Address at DC2 -> DC1 for application content



    If that is the case then consider / test this this:



    On the DC2 Virtual Server configure SNAT Automap.


    In the Pool that the DC2 Virtual Server is configured to use, add the IP Address of the application at DC1.


    Verify that when you access the Virtual Server IP Address at DC2, that the content is pulled from DC1.


    If testing successful, point your DNS to the Virtual Server IP Address at DC2 until your migration has been completed.



    This would negate the need for a redirect, but you are going to want to test it to make sure that everything works as designed (with the additional latency which can and will vary).



    Hope this helps.