Forum Discussion

SteveD1979's avatar
Oct 05, 2023

Redirecting part of a URL

Hi,

I'm trying to redirect part of the URL but not the whole URL.  The URL would be hitting our GTMs first and be something like application.something.gtm.domain.com and I want to flip it to something like application.something.datacenter.domain.com on the BIG IPs.

22 Replies

  • I forgot to mention that the pool is going to be our openshift router so several applications will be hitting it.  We'll have separate WIPs for each app on our GTMs but the pool would be the same on the LTMs so the irule on the LTM i'd like to have any application.something coming in be able to switch the gtm.domain.com to the datacenter.domain.com keeping everything in front of it.  Our openshift engineer doesn't want to have to add the .gtm.domain.com route to each application.

  • SteveD1979 First I will be changing domain.com to example.com. I'm not understanding why the client would be entering application.something.gtm.example.com in the first place. Typically the way DNS is configured is you would have the following.

    *** DNS at auth NS for example.com ***
    application.something.datacenter.example.com  300  IN  CNAME application.something.gtm.example.com

    *** DNS on GTM for gtm record ***
    application.something.gtm.example.com  300  IN  A  1.1.1.1
    application.something.gtm.example.com  300  IN  A  1.1.1.2

    Then the client would connect to either IP depending on what the GTM responded with while still maintaining the FQDN application.something.datacenter.example.com. Typically you wouldn't want to narrow down the FQDNs to be a specific datacenter name because that allows people to aquire more information about your infrastructure than they should.

    • SteveD1979's avatar
      SteveD1979
      Icon for Cirrus rankCirrus

      Right that's how everything else we have is setup.  For this situation though right now they're just using LTMs in separate datacenters.  There is an A record that points to a VIP in the datacenter that is active and for a disaster recovery situation DNS would be changed to point the record to the VIP in the other datacenter.  The DNS records are wildcarded *.datacenter.domain.com to 1.1.1.1 and that resolved to a VIP with the openshift routers as the pool members.  Based on the application.something part of the URL Openshift knows where to route the traffic.  

      For this they want the developers to have a singular URL for their apps that wouldn't have to be changed in a true disaster or just a disaster recovery exercise so that would be their application.gtm.domain.com.  There would be a separate WIP for each.  So in a disaster situation we would just disable the pool member on the GTM for the datacenter that they weren't running out of.  

      The openshift configuration needs to have a route configured to know which application is being called.  Right now thats the application.something.datacenter.domain.com and those engineers don't want to have to add another route (the gtm.domain.com) for each application.  This is all internal traffic not exposed to the internet.

      It isn't going to be a hot/hot scenerio but we wanted the developers to have one URL, traffic to know which datacenter based on the pool member enabled on the wide IP but then when it gets to the VIP on the LTM change the URL ending so that openshift still see the route and knows where to send the traffic.

      When we do disaster recovery exercises not all of the applications do it at the same time so we need to be able to send some traffic to one datacenter or the other.

      • Paulius's avatar
        Paulius
        Icon for MVP rankMVP

        SteveD1979 The following is what you should have for each application.

        *** DNS Auth for example.com ***
        application.example.com

        *** DNS on GTM ***
        application.gtm.example.com

        Having the above configuration for each application will provide you the flexibility of being able to failover each application without much complexity on the GTM side of things. I believe it is possible to create a data-group with every application and a value of 0 or 1 and then configure an iRule to reference the data-group to check each application and it's value and failover based on that but that adds unneaded complexity to the GTM configuration.

  • Hi SteveD1979,

     

    Do you want reditect level GTM or LTM ?

    • SteveD1979's avatar
      SteveD1979
      Icon for Cirrus rankCirrus

      Either one should be fine but I might need to do it differently if it isn't going to work with the http protocol profile on the VIP.  I thought since it let me apply it and update and also with the when http_request irule without throwing errors that I'd be able to use them.  I wanted to use the x-forwarder too