Forum Discussion

Deepak_Nair's avatar
Jan 20, 2021

HTTPS REDIRECTION : Specific NODE using iRULE

Hi Experts ,

i am working on one requirement where i need to redirect https://www.example.com needs to redirect to specific NODES ( 8 nos ) based on URI PATH .

i have created a layer 7 virtual server with SSL profile and attach it with following irule :

when HTTP_REQUEST { 
 
        if {[HTTP::host] contains "TEST-ESB-VIP-BMA.example.com" and [HTTP::path] eq "/m2p/"} 
        {
        node 10.30.214.1 2783
        return 
    }
	
	if {[HTTP::host] contains "TEST-ESB-VIP-BMA.example.com" and [HTTP::path] eq "/aps/"}
        {
        node 10.30.230.31 7001
        return 
    }
	
	if {[HTTP::host] contains "TEST-ESB-VIP-BMA.example.com" and [HTTP::path] eq "/bmx/"} 
        {
        node 10.30.214.38 61648
        return 
    }
	
	if {[HTTP::host] contains "TEST-ESB-VIP-BMA.example.com" and [HTTP::path] eq "/cts/"}
        {
        node 10.30.214.236 4515
        return 
    }
	
	if {[HTTP::host] contains "TEST-ESB-VIP-BMA.example.com" and [HTTP::path] eq "/mii/"} 
        {
        node 10.30.215.174 50000
        return 
    }
	
	if {[HTTP::host] contains "TEST-ESB-VIP-BMA.example.com" and [HTTP::path] eq "/ampla-bma/"}
	{
        node 10.30.222.43 8889
        return 
    }
	
	if {[HTTP::host] contains "TEST-ESB-VIP-BMA.example.com" and [HTTP::path] eq "/ampla-bmc/"} 
	{
        node 10.38.2.48 8889
        return 
    }
	if {[HTTP::host] contains "TEST-ESB-VIP-BMA.example.com" and [HTTP::path] eq "/iqt-bma/"} 
	{
        node 10.30.215.208 8889
        return 
    }
	if {[HTTP::host] contains "TEST-ESB-VIP-BMA.example.com" and [HTTP::path] eq "/iqt-bmc/"}
	{
        node 10.30.222.230 8889
        return 
    }
	
	
}

when i try to access the VIP IP using its DNS name https://TEST-ESB-VIP-BMA.example.com/m2p as an example , BIG-IP is sending me RST back stating no Server selected . I can see hit on irule in the statistic TAB . 

Here is the packet capture from the BIG-IP : 

10.30.230.58.https > 10.139.153.195.53666: Flags [.], cksum 0x94c1 (incorrect -> 0x7121), ack 1352, win 5449, length 0 out slot1/tmm0 lis=/Common/VS_MULE_BMA_TEST_HTTPS_443 flowtype=64 flowid=560000E1C600 peerid=0 conflags=4000024 inslot=63 inport=23 haunit=1 priority=3 peerremote=00000000:00000000:00000000:00000000 peerlocal=00000000:00000000:00000000:00000000 remoteport=0 localport=0 proto=0 vlan=0
02:14:04.293589 00:50:56:ba:17:86 > 54:7f:ee:09:d8:c1, ethertype 802.1Q (0x8100), length 176: vlan 2200, p 0, ethertype IPv4, (tos 0x0, ttl 255, id 44631, offset 0, flags [DF], proto TCP (6), length 40)
    10.30.230.58.https > 10.139.153.195.53666: Flags [.], cksum 0x94c1 (incorrect -> 0x7121), ack 1352, win 5449, length 0 out slot1/tmm0 lis=/Common/VS_MULE_BMA_TEST_HTTPS_443 flowtype=64 flowid=560000E1C600 peerid=0 conflags=4000024 inslot=63 inport=23 haunit=1 priority=3 peerremote=00000000:00000000:00000000:00000000 peerlocal=00000000:00000000:00000000:00000000 remoteport=0 localport=0 proto=0 vlan=0
02:14:04.293640 00:50:56:ba:17:86 > 54:7f:ee:09:d8:c1, ethertype 802.1Q (0x8100), length 246: vlan 2200, p 0, ethertype IPv4, (tos 0x0, ttl 255, id 44633, offset 0, flags [DF], proto TCP (6), length 83)
    10.30.230.58.https > 10.139.153.195.53666: Flags [R.], cksum 0x94ec (incorrect -> 0xc3d1), seq 148:191, ack 1352, win 0, length 43 [RST+ BIG-IP: [0x29b630c:4504] No se] out slot1/tmm0 lis=/Common/VS_MULE_BMA_TEST_HTTPS_443 flowtype=64 flowid=560000E1C600 peerid=0 conflags=4800024 inslot=63 inport=23 haunit=1 priority=3 rst_cause="[0x29b630c:4504] No server selected" peerremote=00000000:00000000:00000000:00000000 peerlocal=00000000:00000000:00000000:00000000 remoteport=0 localport=0 proto=0 vlan=0

I am NOT sure what i am doing wrong here .If anyone can guide me what i am doing wrong will be much appreciated .

Thanks in advance .

21 Replies