Forum Discussion

Piotr_Lewandows's avatar
Icon for Altostratus rankAltostratus
Nov 14, 2017

Rewrite profile - any better way?



I wonder is there is any simpler way to achieve something described below:




  • Single VS - IP mapped to few external FQDNs
  • Each external FQDN maps to virtual host on the same backend server (so traffic accepted only if there is Host header match in request send from BIG-IP to backend)
  • There is possibility that some links returned from backend (in content) are not relative and can use backend srv FQDN.



Local Traffic Policy forwarding traffic to appropriate pool based on host header in request from client - sure it could be one pool but because FQDN nodes has to be used I guess separate pools are needed - or not?


Then Rewrite profile with URI rules for each ext FQDN to int FQDN with Rewrite Header, Rewrite content set, like * -> * -> * -> * and so on


When redirect from http to https (send from backend) is needed then another Rewrite profile is necessary for HTTPS VS: * -> * -> * -> * and so on


It is working OK but requires plenty of objects to be configured, everything has to be entered by hand, in few places and cause a lot of work and possibility to make mistake :-(


Is there any other way (simpler, less error prone) to achieve the same goal?




4 Replies

  • Is there any other way (simpler, less error prone) to achieve the same goal?


    No, not really. Prior to the rewrite profile, you would have needed to use a datagroup and either an iRule or Traffic Policy to accomplish the same goal, which I think many would find to be more difficult than the setup you've described.


  • Is there any other way (simpler, less error prone) to achieve the same goal?


    of course there is! this will also optimize F5 and servers performances:


  • Hi,


    Assuming that using Rewrite profile is only option (even if worst one) how to solve missing trailing / issue?


    If URI Rule is like that:


    and user will send request without trailing /, like /old


    URI rule will not catch such request.


    Some web servers (for sure my IIS) is sending back redirect when receiving such request (but I doubt it's standard behavior for all types of web servers?) so client will be redirected to /old/ and then URI rule fires.


    But it's not perfect - if backend server will not send redirect then everything breaks up. Even if it will send then it is not best situation as /old request are still reaching backend.


    I am right now using iRule I found on DevCentral to fix such requests at VS level, because iRule is executed before Rewrite profile it seems to be working solution.


    But maybe it's not a right approach, maybe I am missing something important that could break backend server functionality somehow?




    • ishhyd82's avatar
      Icon for Nimbostratus rankNimbostratus

      Hi Piotr,

      Can you share the irule if possible