Forum Discussion

Fluidetom_12222's avatar
Jul 10, 2018

Transparent port redirect

Hey Guys,

I've received a request to setup a VS listening on port 443, as well as on a range from 18500 to 18550 included. If a request comes in on port 443 it must be passed to the backend server on port 8443 instead (standard port translation). But if the request comes on a port between 18500 and 18550, then there's no change needed. I've came up with the below iRule, but I don't know how to address the transparent 443 to 8443 translation.

 

when CLIENT_ACCEPTED {
    if {([TCP::local_port] >= 18500 ) && ([TCP::local_port] <= 18550)} {
        pool MyPool
    }elseif {([TCP::local_port] equals 443 )} {
        <-- here I need to change to port 8443 -->
        pool MyPool
    } else reject
}

 

Could you help me out, I don't know how to achieve this. Thanks

  • Ok I've found a way to do this.

    I'm using 2 different pools.

    • MyPool is configured with node1'sIP:8443, node2'sIP:8443 etc...
    • MyPool_18500 is configured with node1'sIP:0, node2'sIP:0 etc...

    This is my code, which is working fine ... yeah!

    I had to enable port translation on the VS for this setup to work.

     

    when CLIENT_ACCEPTED {
        if {([TCP::local_port] equals 443 )} {
            pool MyPool
        } elseif {([TCP::local_port] >= 18500 ) && ([TCP::local_port] <= 18550)} {
            pool MyPool_18500
        } else reject
    }
    

     

  • Ok I've found a way to do this.

    I'm using 2 different pools.

    • MyPool is configured with node1'sIP:8443, node2'sIP:8443 etc...
    • MyPool_18500 is configured with node1'sIP:0, node2'sIP:0 etc...

    This is my code, which is working fine ... yeah!

    I had to enable port translation on the VS for this setup to work.

     

    when CLIENT_ACCEPTED {
        if {([TCP::local_port] equals 443 )} {
            pool MyPool
        } elseif {([TCP::local_port] >= 18500 ) && ([TCP::local_port] <= 18550)} {
            pool MyPool_18500
        } else reject
    }