Forum Discussion
NimbostratusTCL Error
Hi All,
We have recently upgraded to 11.5.1 HF9 from 11.4.1 HF8. After upgarding the box we are seeing this TCL error
"TCL error: /Common/_sys_https_redirect - Operation not supported. Multiple redirect/respond invocations not allowed (line 1) invoked from within "HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]"" The irule _sys_https_redirect is working fine. But we are still seeing this error. Please help me in understanding why we are seeing this error. Can we ignore it?
Thanks,
Sekhar
13 Replies
Hannes_RappYou're seeing this error because multiple "HTTP::redirect" or "HTTP::response" are being triggered per single request. No more than one redirect statement can function per request. You should not ignore that, and fix the iRules with a proper use of "event disable" function.
To get rid of this error, use the "event disable" command after invoking your redirect. Below is one sample how you can use it.
iRule1
when HTTP_REQUEST { if { ([HTTP::host] == "asd.asd.asd") && ([HTTP::path] == "/") } { HTTP::respond 302 location "https://[HTTP::host][HTTP::uri]" event disable The HTTP response event in second iRule is not processed TCP::close The connection record is removed } }iRule2
when HTTP_REQUEST { if { ([HTTP::host] == "asd.asd.asd") && ([HTTP::path] == "/products") } { HTTP::respond 302 location "http://foo.bar/products" event disable Not required here, but still recommended TCP::close } }
SekharThank you Hannes, Does this mean to disable the default redirect and use a custom iRule? -Sekhar- Hannes_RappYep, the default iRule you're using explicitly redirects every request to HTTPS protocol. This means any redirect/respond logic in your custom iRules will not work. Can you share iRules as well as LTM policies applied to your Virtual Server? This way we could make sure what would be the best option to proceed. If it's no LTM policies and no other iRules are in use besides the _sys_https_redirect, it could be a bug as Walter mentioned.
- SekharHi Hannes, This is one of the virtual which has redirect iRule assigned ltm virtual vs_test { destination 151.142.X.X:http ip-protocol tcp mask 255.255.255.255 profiles { PR_HTTP_XFF_Enabled_http { } tcp { } } rules { _sys_https_redirect } source 0.0.0.0/0 source-address-translation { type automap } vs-index 95 } This is the default irule: _sys_https_redirect when HTTP_REQUEST { HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri] } Thanks, Sekhar
Hannes_Rapp_162Nacreous
You're seeing this error because multiple "HTTP::redirect" or "HTTP::response" are being triggered per single request. No more than one redirect statement can function per request. You should not ignore that, and fix the iRules with a proper use of "event disable" function.
To get rid of this error, use the "event disable" command after invoking your redirect. Below is one sample how you can use it.
iRule1
when HTTP_REQUEST { if { ([HTTP::host] == "asd.asd.asd") && ([HTTP::path] == "/") } { HTTP::respond 302 location "https://[HTTP::host][HTTP::uri]" event disable The HTTP response event in second iRule is not processed TCP::close The connection record is removed } }iRule2
when HTTP_REQUEST { if { ([HTTP::host] == "asd.asd.asd") && ([HTTP::path] == "/products") } { HTTP::respond 302 location "http://foo.bar/products" event disable Not required here, but still recommended TCP::close } }- SekharThank you Hannes, Does this mean to disable the default redirect and use a custom iRule? -Sekhar
- Hannes_Rapp_162Yep, the default iRule you're using explicitly redirects every request to HTTPS protocol. This means any redirect/respond logic in your custom iRules will not work. Can you share iRules as well as LTM policies applied to your Virtual Server? This way we could make sure what would be the best option to proceed. If it's no LTM policies and no other iRules are in use besides the _sys_https_redirect, it could be a bug as Walter mentioned.
- SekharHi Hannes, This is one of the virtual which has redirect iRule assigned ltm virtual vs_test { destination 151.142.X.X:http ip-protocol tcp mask 255.255.255.255 profiles { PR_HTTP_XFF_Enabled_http { } tcp { } } rules { _sys_https_redirect } source 0.0.0.0/0 source-address-translation { type automap } vs-index 95 } This is the default irule: _sys_https_redirect when HTTP_REQUEST { HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri] } Thanks, Sekhar
- Walter_Kacynski
Cirrostratus
Do you only have a single iRule attached to this virtual? - SekharHi Walter, Yes just a single default redirect iRule. Thanks, Sekhar
- Walter_Kacynski
Since you are only using /Common/_sys_https_redirect I feel that this is a bug. If not in the code at least in the iRule both of which should be covered by support. They might give you a new custom rule to implement but it should be corrected.
