cancel
Showing results for 
Search instead for 
Did you mean: 

irule for port redirection not working

amit_128525
Nimbostratus
Nimbostratus

Hello all ,

 

 

My first question here 🙂

 

I have a public url which works on tcp port 4000 what we are trying to do is use port 80 instead of 4000 , I have created Irule in f5 BIG-IP 10.0.1 , I am seeing hits on execution , but we are not able to open url .

 

I have mapped irule to the virtual server . Please see the rule below which i have made and advise

 

-*********************************

 

when HTTP_REQUEST {

 

if { [HTTP::uri] ends_with " adf********.*******.com " } {

 

redirect to "https://%h:4000/%u/"

 

}

 

}

 

***********************************

 

4 REPLIES 4

Kevin_Stewart
F5 Employee
F5 Employee
Your redirect is telling the client to try again on the different URL (and on port 4000). Assuming this web app is only listening on port 4000, and you want clients to come to it on port 80, you probably don't need an iRule at all. Just create a port 80 virtual server that pools to servers listening on port 4000. A standard virtual server will have port and address translation turned on by default.

amit_128525
Nimbostratus
Nimbostratus
Thanks for reply I think I didnt clarified completely the setup please find the exact enviroment wiould be really helpful iof anyone can advise .

 

***********************************

 

We have an F5 BIG Load balancer.

 

 

We want port redirect depending on what the host header is.

 

i.e. testapp1.domain.com comes in as https or http and redirects to port 4000 to the web\app server.

 

Then the same web\app server is also running other web sites and apps so it should also be able to handle testapp2.domain.com and redirect to say port 8000 to the same server.

 

 

We have tried using the irule below but no luck. It does however shows a hit on the iRule statistics but I do not think it is redirecting the port numbers.

 

 

when HTTP_REQUEST {

 

if { [HTTP::uri] ends_with " adf********.*******.com " } {

 

redirect to "https://%h:4000/%u/"

 

}

 

}

 

 

***********************************

nitass
F5 Employee
F5 Employee
virtual server isn't listening on port 4000 and 8000, is it? so, is this what you are asking?

 

 

[root@ve10:Active] config b virtual bar list virtual bar { snat automap destination 172.28.19.252:80 ip protocol 6 rules myrule profiles { http {} tcp {} } } [root@ve10:Active] config b rule myrule list rule myrule { when HTTP_REQUEST { set host [HTTP::host] set uri [HTTP::uri] switch [HTTP::host] { "testapp1.domain.com" { pool foo4000 } "testapp2.domain.com" { pool foo8000 } default { do something } } } when HTTP_RESPONSE { log local0. "client [IP::client_addr]:[TCP::client_port] \ virtual server [clientside {IP::local_addr}]:[clientside {TCP::local_port}] \ server [IP::server_addr]:[TCP::server_port] \ pool [LB::server pool] \ http host $host \ http uri $uri" } } [root@ve10:Active] config b pool foo4000 list pool foo4000 { members 200.200.200.101:4000 {} } [root@ve10:Active] config b pool foo8000 list pool foo8000 { members 200.200.200.101:8000 {} } [root@ve10:Active] config tail -f /var/log/ltm Mar 15 21:03:18 local/tmm info tmm[4950]: Rule myrule : client 172.28.19.251:44195 virtual server 172.28.19.252:80 server 200.200.200.101:4000 pool foo4000 http host testapp1.domain.com http uri /something Mar 15 21:03:51 local/tmm info tmm[4950]: Rule myrule : client 172.28.19.251:44196 virtual server 172.28.19.252:80 server 200.200.200.101:8000 pool foo8000 http host testapp2.domain.com http uri /somewhereelse

Kevin_Stewart
F5 Employee
F5 Employee
Just a suggestion, but if you establish pools based on port number then you can apply some pretty robust monitors. So if you check the Host header in the HTTP_REQUEST event you can simply send the traffic to the different pools.

 

 

when HTTP_REQUEST { switch [string tolower [HTTP::header Host]] { "testapp1.domain.com" { pool app_4000_pool } "testapp2.domain.com" { pool app_8000_pool } default { pool default_pool } } }