Forum Discussion
Pedro_Minas
Nimbostratus
Jul 06, 2010
Reverse Proxy Problems
Hello
I'm trying to create a reverse proxy in my F5 BIG-IP. I'm having problems with the redirection to another port.
What I'm doing is this...
The user connects to a VS (on port 80)... then with an iRule I change the URI and assign a pool depending on the HTTP request URI... but the real servers are listening on a different port (in my case 50000)... my problem is redirecting not only to a different pool but to another port...
Do I have to create another VS listening on port 50000?
Thanks in advance...
14 Replies
- Chris_Miller
Altostratus
As long as your pool members are configured to listen on port 50,000 and you have "Port Translation" enabled on your VIP, you shouldn't have a problem.
- Pedro_Minas
Nimbostratus
This is my iRule...
when HTTP_REQUEST {
    # Rewrite the URI (set the entire URI to lower case)
    HTTP::uri [string tolower [HTTP::uri]]
    # Check what service is being called
    if {[HTTP::uri] equals {xpro.xx.tt}} {
        # Changes the URI
        HTTP::redirect {xpro.xx.tt/teste/tt/rr}
        # Defines the correct pool
        pool teste-reverse_proxy-pool1
    }
}
The pool has 2 nodes listening on port 50000. The virtual server is listening on port 80. The requests aren't being redirected to the pool in question.
- hoolio
Cirrostratus
Hi Minas,
Try adding debug logging in the iRule to help you determine what's happening versus what you expect to happen. You can start with a single log line at the beginning of the rule:
log local0. "[IP::client_addr]:[TCP::client_port]: [HTTP::method] request to host [HTTP::host] and URI [HTTP::uri]"
Normally, the URI won't contain the host. If you want to check for requests being made to xpro.xx.tt, you'd probably want to check the HTTP::host output. If you've defined the pool on the virtual server, you don't need to specify it in the rule.
Also, the value for HTTP::uri is cached within the HTTP_REQUEST event. So if you retrieve it, set it using HTTP::uri "/new_uri" and then try to retrieve the updated value, HTTP::uri will still show the original cached value.
Aaron
- Michael_Yates
Nimbostratus
Try this:
when HTTP_REQUEST {
    if { [string tolower [HTTP::uri]] starts_with "/xpro.xx.tt" } {
        HTTP::uri xpro.xx.tt/teste/tt/rr
        pool teste-reverse_proxy-pool1
    }
}
Note: This code will NOT change the URL in the browser. It will only change the URL Request being sent to the server, and then sends that newly formed request to the specified pool.
If you want the Browser URL to change you will have to add additional logic:
when HTTP_REQUEST {
    if { [string tolower [HTTP::uri]] equals "/xpro.xx.tt" } {
        HTTP::redirect http://[getfield [HTTP::host] ":" 1]/xpro.xx.tt/teste/tt/rr
    }
}
The code above assumes that the pool "teste-reverse_proxy-pool1" is the default pool assigned to the Virtual Server. If not:
when HTTP_REQUEST {
    if { [string tolower [HTTP::uri]] equals "/xpro.xx.tt" } {
        HTTP::redirect http://[getfield [HTTP::host] ":" 1]/xpro.xx.tt/teste/tt/rr
    }
    if { [string tolower [HTTP::uri]] starts_with "/xpro.xx.tt/teste/tt/rr" } {
        pool teste-reverse_proxy-pool1
    }
}
- Pedro_Minas
Nimbostratus
I've already tested out your solutions...
But it doesn't seem to work.
In the Statistics board I don't see any requests going to the pool... I've altered the Virtual Service and defined the pool in the Virtual Service but it doesn't work...
My iRule is this...
when HTTP_REQUEST {
    log local0. "[IP::client_addr]:[TCP::client_port]: [HTTP::method] request to host [HTTP::host] and URI [HTTP::uri]"
    if { [string tolower [HTTP::host]] equals "xpro.xx.tt" } {
        HTTP::redirect http://xpro.xx.tt/teste/tt/rr
    }
}
I want the Browser URL to change but it isn't changing. For instance if I put http://xpro.xx.tt it will change to http://xpro.xx.tt/teste/tt/rr, but this also isn't changing... In the real servers I don't see any request from the BIG-IP to the port 50000...
Thanks in advance
- Michael_Yates
Nimbostratus
Change the "equals" in your iRule to "starts_with"
Change this: HTTP::redirect http://xpro.xx.tt/teste/tt/rr" target="_blank" rel="nofollow">http://xpro.xx.tt/teste/tt/rr
To this: HTTP::redirect http://xpro.xx.tt/teste/tt/rr
The Port Translation is set on the Virtual Server (checkbox), but happens in the Pool (when the servers are added to the pool, the port number is set). This means that the "Port Translation" Checkbox inside the Virtual Server must be checked and the Servers must be added into the pool like such:
10.10.10.10:50000
20.20.20.20:50000
So the Virtual Server should be on we'll say Port 80 and then all traffic is translated (by the BigIP) from 80 to 50000.
Let us know what results you get.
- Pedro_Minas
Nimbostratus
hello again...
the problem continues...
when HTTP_REQUEST {
    log local0. "[IP::client_addr]:[TCP::client_port]: [HTTP::method] request to host [HTTP::host] and URI [HTTP::uri]"
    if { [string tolower [HTTP::host]] starts_with "xpro.xx.tt" } {
        HTTP::redirect http://xpro.xx.tt/teste/tt/rr
    }
}
log:
Jul 8 10:13:46 local/tmm info tmm[2714]: Rule teste-reverse_proxy_irule2 : 20.20.20.175:32482: GET request to host xpro.xx.tt and URI /teste/tt/rr
I have port translation enabled in the virtual service, and the pool only has one real server, 10.10.10.10:50000. I don't see any request being sent to the server.
In my browser I get the message:
The page isn't redirecting properly
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
* This problem can sometimes be caused by disabling or refusing to accept cookies.
Thanks...
- Pedro_Minas
Nimbostratus
In the last post there was a problem... it redirected the HTTP requests in a loop...
I've created a different iRule to do only one redirect:
when HTTP_REQUEST {
    log local0. "[IP::client_addr]:[TCP::client_port]: [HTTP::method] request to host [HTTP::host] and URI [HTTP::uri]"
    if { [string tolower [HTTP::host]] equals ""xpro.xx.tt" } {
        if { [string tolower [HTTP::uri]] ne "/teste/tt/rr" } {
            HTTP::redirect http://xpro.xx.tt/teste/tt/rr
        }
    }
}
But the problem remains: the requests aren't being sent to the real servers... In HttpFox I get the error NS_ERROR_NET_RESET...
- hoolio
Cirrostratus
NS_ERROR_NET_RESET indicates the client received a TCP reset from the server direction. LTM will send a TCP reset if there is a runtime error in an iRule. Do you see any errors in /var/log/ltm?
Else, it might be coming from the server. As Chris and Michael suggested, do you have address and port translation enabled on the virtual server? If so, what do you see at layer four in a tcpdump of the client and server side VLANs? Are the client to VS and LTM to server connections established successfully?
Aaron
- Michael_Yates
Nimbostratus
There is another minor tweak that you need to do:
when HTTP_REQUEST {
    log local0. "[IP::client_addr]:[TCP::client_port]: [HTTP::method] request to host [HTTP::host] and URI [HTTP::uri]"
    if { [string tolower [HTTP::host]] equals ""xpro.xx.tt" } {
        if { [string tolower [HTTP::uri]] ne "/teste/tt/rr" } {
            HTTP::redirect http://xpro.xx.tt/teste/tt/rr
        }
    }
}
Change this: if { [string tolower [HTTP::host]] equals ""xpro.xx.tt" } {
To this: if { [string tolower [HTTP::host]] equals "/xpro.xx.tt" } {
I would still suggest using starts_with: if { [string tolower [HTTP::host]] starts_with "/xpro.xx.tt" } {
The [HTTP::uri] starts with a "/" so you have to include it. I believe that you must include it for "equals" and "starts_with", but not with "contains".
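The points raised across the thread (match the site with HTTP::host, redirect only when the request is not already on the target path, then select the pool), put together as an added example that is not code from any of the posters. It assumes "Port Translation" is enabled on the virtual server and the members of teste-reverse_proxy-pool1 were added on port 50000; the variables host and path, the use of HTTP::path, and the starts_with match on the target path are choices made for this sketch.

```tcl
when HTTP_REQUEST {
    # Read the values once at the start of the event. The Host header may
    # carry ":port", so keep only the name part. HTTP::path is the URI
    # without the query string.
    set host [string tolower [getfield [HTTP::host] ":" 1]]
    set path [string tolower [HTTP::path]]

    log local0. "[IP::client_addr]:[TCP::client_port]: [HTTP::method] request to host [HTTP::host] and URI [HTTP::uri]"

    if { $host equals "xpro.xx.tt" } {
        if { not ($path starts_with "/teste/tt/rr") } {
            # Redirect only requests that are not yet on the target path.
            # Without this guard the redirected request matches the host
            # test again and the browser reports a redirect loop.
            # The Location uses a fixed host name rather than echoing the
            # client-supplied Host header.
            HTTP::redirect "http://xpro.xx.tt/teste/tt/rr"
            return
        }

        # Request is already on the target path: load balance it.
        # The 80 -> 50000 translation comes from the pool member
        # definitions (address:50000), not from this rule.
        pool teste-reverse_proxy-pool1
        log local0. "[IP::client_addr]:[TCP::client_port]: sent to pool teste-reverse_proxy-pool1"
    }
}
```

If the second log line appears in /var/log/ltm but the pool statistics stay at zero, the place to look next is the server-side connection (member state, translation settings, tcpdump on the server VLAN) rather than the rule.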
