Forum Discussion
Redirecting public facing URL to an internal non public facing URL
Hello, it is possible either with iRule or with LTM policy.
iRules usually allow for more flexibility since they aren't limited to specific pre-coded instruction sets, while LTM policy performs much better (for same instructions, irule usually is 20% slower)
I would not set up a HTTP::redirect to hosts that can't be accessed by the public, but you can load balance the requests setting the internal LTM Virtual Server IP:port socket as a pool member. If you need to modify the packet beforehand (eg. rewriting URL or Host) there's tools that allow it in both iRule and LTM policy.
I can try to provide sample code
when HTTP_REQUEST {
#I'd recommend switch if you have few exact matches for your URI, eg. on HOST header
#I'd also recommend switch if you need to perform different actions on every match
switch -glob [string tolower [HTTP::host]] {
test1.domain.com { pool <pool_name> }
test2.domain.com { pool <pool_name> }
test3.domain.com {
pool <pool_name>
HTTP::header replace Host "newhost.domain.com" #sample rewrite (not a redirect)
}
}
#Alternatively, I'd recommend data group if you need to perform a single few actions on a long list of possible match
#read as: does the uri contain an element of datagroup_path_rewrite (case sensitive)
if {[class match [HTTP::uri] contains datagroup_path_rewrite]} {
HTTP::path /newpath/portal.js #this rewrites the URI path before senting traffic to BE server
}
}
To work with Data Group you must first configure one in Local Traffic > iRules > Data Groups, example below
ltm data-group internal /Common/datagroup_path_rewrite {
records {
/oldsubfolder1/ { }
/oldsubfolder2/ { }
/oldsubfolder3/ { }
/oldsubfolder4/ { }
/oldsubfolder5/ { }
}
type string
}
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com