Hi,I'm trying to redirect part of the URL but not the whole URL. The URL would be hitting our GTMs first and be something like application.something.gtm.domain.com and I want to flip it to something like application.something.datacenter.domain.com on the BIG IPs.

I forgot to mention that the pool is going to be our openshift router so several applications will be hitting it. We'll have separate WIPs for each app on our GTMs but the pool would be the same on the LTMs so the irule on the LTM i'd like to have any application.something coming in be able to switch the gtm.domain.com to the datacenter.domain.com keeping everything in front of it. Our openshift engineer doesn't want to have to add the .gtm.domain.com route to each application.

SteveD1979 First I will be changing domain.com to example.com. I'm not understanding why the client would be entering application.something.gtm.example.com in the first place. Typically the way DNS is configured is you would have the following. *** DNS at auth NS for example.com ***application.something.datacenter.example.com 300 IN CNAME application.something.gtm.example.com *** DNS on GTM for gtm record ***application.something.gtm.example.com 300 IN A 1.1.1.1application.something.gtm.example.com 300 IN A 1.1.1.2 Then the client would connect to either IP depending on what the GTM responded with while still maintaining the FQDN application.something.datacenter.example.com. Typically you wouldn't want to narrow down the FQDNs to be a specific datacenter name because that allows people to aquire more information about your infrastructure than they should.

Right that's how everything else we have is setup. For this situation though right now they're just using LTMs in separate datacenters. There is an A record that points to a VIP in the datacenter that is active and for a disaster recovery situation DNS would be changed to point the record to the VIP in the other datacenter. The DNS records are wildcarded *.datacenter.domain.com to 1.1.1.1 and that resolved to a VIP with the openshift routers as the pool members. Based on the application.something part of the URL Openshift knows where to route the traffic. For this they want the developers to have a singular URL for their apps that wouldn't have to be changed in a true disaster or just a disaster recovery exercise so that would be their application.gtm.domain.com. There would be a separate WIP for each. So in a disaster situation we would just disable the pool member on the GTM for the datacenter that they weren't running out of. The openshift configuration needs to have a route configured to know which application is being called. Right now thats the application.something.datacenter.domain.com and those engineers don't want to have to add another route (the gtm.domain.com) for each application. This is all internal traffic not exposed to the internet.It isn't going to be a hot/hot scenerio but we wanted the developers to have one URL, traffic to know which datacenter based on the pool member enabled on the wide IP but then when it gets to the VIP on the LTM change the URL ending so that openshift still see the route and knows where to send the traffic.When we do disaster recovery exercises not all of the applications do it at the same time so we need to be able to send some traffic to one datacenter or the other.

SteveD1979 The following is what you should have for each application. *** DNS Auth for example.com ***application.example.com *** DNS on GTM ***application.gtm.example.com Having the above configuration for each application will provide you the flexibility of being able to failover each application without much complexity on the GTM side of things. I believe it is possible to create a data-group with every application and a value of 0 or 1 and then configure an iRule to reference the data-group to check each application and it's value and failover based on that but that adds unneaded complexity to the GTM configuration.

That's how we have every other application configured that have their own dedicated static VIPs on the LTMs. For this since there are so many applications hitting the same VIP and not all can be moved I thought it would be easier if i could just redirect part of the URL. I'm not sure how to do that with the datagroups but are you saying redirecting part of a URL isn't possible? I tried a policy and several irules to look for contains and replace in the URL but it wasn't working.

Redirecting part of a URL

22 Replies

SteveD1979
Cirrostratus
Oct 05, 2023
I forgot to mention that the pool is going to be our openshift router so several applications will be hitting it. We'll have separate WIPs for each app on our GTMs but the pool would be the same on the LTMs so the irule on the LTM i'd like to have any application.something coming in be able to switch the gtm.domain.com to the datacenter.domain.com keeping everything in front of it. Our openshift engineer doesn't want to have to add the .gtm.domain.com route to each application.
Paulius
MVP
Oct 06, 2023
SteveD1979 First I will be changing domain.com to example.com. I'm not understanding why the client would be entering application.something.gtm.example.com in the first place. Typically the way DNS is configured is you would have the following.

*** DNS at auth NS for example.com ***
application.something.datacenter.example.com 300 IN CNAME application.something.gtm.example.com

*** DNS on GTM for gtm record ***
application.something.gtm.example.com 300 IN A 1.1.1.1
application.something.gtm.example.com 300 IN A 1.1.1.2

Then the client would connect to either IP depending on what the GTM responded with while still maintaining the FQDN application.something.datacenter.example.com. Typically you wouldn't want to narrow down the FQDNs to be a specific datacenter name because that allows people to aquire more information about your infrastructure than they should.
- SteveD1979
  Cirrostratus
  Oct 06, 2023
  Right that's how everything else we have is setup. For this situation though right now they're just using LTMs in separate datacenters. There is an A record that points to a VIP in the datacenter that is active and for a disaster recovery situation DNS would be changed to point the record to the VIP in the other datacenter. The DNS records are wildcarded *.datacenter.domain.com to 1.1.1.1 and that resolved to a VIP with the openshift routers as the pool members. Based on the application.something part of the URL Openshift knows where to route the traffic.
  For this they want the developers to have a singular URL for their apps that wouldn't have to be changed in a true disaster or just a disaster recovery exercise so that would be their application.gtm.domain.com. There would be a separate WIP for each. So in a disaster situation we would just disable the pool member on the GTM for the datacenter that they weren't running out of.
  The openshift configuration needs to have a route configured to know which application is being called. Right now thats the application.something.datacenter.domain.com and those engineers don't want to have to add another route (the gtm.domain.com) for each application. This is all internal traffic not exposed to the internet.
  It isn't going to be a hot/hot scenerio but we wanted the developers to have one URL, traffic to know which datacenter based on the pool member enabled on the wide IP but then when it gets to the VIP on the LTM change the URL ending so that openshift still see the route and knows where to send the traffic.
  When we do disaster recovery exercises not all of the applications do it at the same time so we need to be able to send some traffic to one datacenter or the other.
  - Paulius
    MVP
    Oct 06, 2023
    SteveD1979 The following is what you should have for each application.
    
    *** DNS Auth for example.com ***
    application.example.com
    
    *** DNS on GTM ***
    application.gtm.example.com
    
    Having the above configuration for each application will provide you the flexibility of being able to failover each application without much complexity on the GTM side of things. I believe it is possible to create a data-group with every application and a value of 0 or 1 and then configure an iRule to reference the data-group to check each application and it's value and failover based on that but that adds unneaded complexity to the GTM configuration.
T-Trust
Cirrostratus
Oct 09, 2023
Hi SteveD1979,

Do you want reditect level GTM or LTM ?
- SteveD1979
  Cirrostratus
  Oct 10, 2023
  Either one should be fine but I might need to do it differently if it isn't going to work with the http protocol profile on the VIP. I thought since it let me apply it and update and also with the when http_request irule without throwing errors that I'd be able to use them. I wanted to use the x-forwarder too

Forum Discussion

Redirecting part of a URL

22 Replies

Recent Discussions

"Brighten Your Health: Vitamin Dee Me Gummies Now Available in South Africa"

Need help on CLI command to fetch < VIP Name + current connections >

Glycogen Control Australia Is Right For You See Here

APM combine check for ldap group plus IP ACL

Error in REST https call to get the Auth token v15.1.8

Related Content

url redirect

Capture part of URL to redirect to another

BIG-IP Solutions: Simple URL Redirects

URL redirection irule

URL redirection iRule