Forum Discussion
Rewrite profile - any better way?
Hi,
I wonder is there is any simpler way to achieve something described below:
Scenario:
- Single VS - IP mapped to few external FQDNs
- Each external FQDN maps to virtual host on the same backend server (so traffic accepted only if there is Host header match in request send from BIG-IP to backend)
- There is possibility that some links returned from backend (in content) are not relative and can use backend srv FQDN.
Setup:
Local Traffic Policy forwarding traffic to appropriate pool based on host header in request from client - sure it could be one pool but because FQDN nodes has to be used I guess separate pools are needed - or not?
Then Rewrite profile with URI rules for each ext FQDN to int FQDN with Rewrite Header, Rewrite content set, like * -> * -> * -> * and so on
When redirect from http to https (send from backend) is needed then another Rewrite profile is necessary for HTTPS VS: * -> * -> * -> * and so on
It is working OK but requires plenty of objects to be configured, everything has to be entered by hand, in few places and cause a lot of work and possibility to make mistake :-(
Is there any other way (simpler, less error prone) to achieve the same goal?
Piotr
- rob_carrCirrostratus
Is there any other way (simpler, less error prone) to achieve the same goal?
No, not really. Prior to the rewrite profile, you would have needed to use a datagroup and either an iRule or Traffic Policy to accomplish the same goal, which I think many would find to be more difficult than the setup you've described.
- Stanislas_Piro2Cumulonimbus
Is there any other way (simpler, less error prone) to achieve the same goal?
of course there is! this will also optimize F5 and servers performances:
- dragonflymrCirrostratus
Hi,
Assuming that using Rewrite profile is only option (even if worst one) how to solve missing trailing / issue?
If URI Rule is like that:
- Client: http://site.com/old/
- Server:
and user will send request without trailing /, like /old
URI rule will not catch such request.
Some web servers (for sure my IIS) is sending back redirect when receiving such request (but I doubt it's standard behavior for all types of web servers?) so client will be redirected to /old/ and then URI rule fires.
But it's not perfect - if backend server will not send redirect then everything breaks up. Even if it will send then it is not best situation as /old request are still reaching backend.
I am right now using iRule I found on DevCentral to fix such requests at VS level, because iRule is executed before Rewrite profile it seems to be working solution.
But maybe it's not a right approach, maybe I am missing something important that could break backend server functionality somehow?
Piotr
- ishhyd82Nimbostratus
Hi Piotr,
Can you share the irule if possible
Regards
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com