iRule to redirect URI based on host using Datagroup

Curl works, because curl will only do one request. After the first redirect, the following check will match again:

if { [ class match [HTTP::host] equals CC-Host-to-URI-Redirect-DG ] } {

Because it matches, it will do a redirect again. This causes the loop in Chrome. You'll need to make this if statement more specific. For example also check if [HTTP::uri] equals '/'.

You need to check whether URI is not same as in Data-Group. If it matches no redirection request has to be forwarded to pool.

Hello,

So in fact you have to redirect user only when the request URI is different frome the uri in your DG, so try this irule:

when HTTP_REQUEST {
 set host [string tolower [HTTP::host]]
 set uri [string tolower [HTTP::uri]]
  
if { [ class match $host equals CC-Host-to-URI-Redirect-DG ] } {
 	set new_URI [ class match -value $host equals CC-Host-to-URI-Redirect-DG ]
 	if {!($uri starts_with $new_URI)}{
		HTTP::redirect "https://[getfield $host ":" 1]$new_URI"
 	}
}
}

Additional important point, If you use different POOl by hostname or URI, don't forget to set an OneConnect profile in order to detach http request.

let me know if you need more details.

regards

FYI, I got the following to work via traffic policy; however it's not using the datagroup which is what I want to have a way to easily add new host to URI mappings without having to add another Rule in the case of traffic policies or iRules. So as Niels van Sluis suggested it seems to be an issue with [HTTP::uri] equals '/'. As soon as I added this to the traffic policy my redirect loop stopped.

Static Traffic Policy

ltm policy CC-Host-to-URI-Redirect-Policy {

   controls { forwarding }

   description "Redirect URIs based on Host"

   last-modified 2019-05-28:15:10:00

   requires { http }

   rules {

       CC-Site-Host-to-URI-Redirect-Rule {

           actions {

               0 {

                   http-reply

                   redirect

                   location https://cc.site.com/cc/

               }

           }

           conditions {

               0 {

                   http-host

                   host

                   values { cc.site.com }

               }

               1 {

                   http-uri

                   path

                   values { / }

               }

           }

           ordinal 1

       }

       CC-Site1-Host-to-URI-Redirect-Rule {

           actions {

               0 {

                   http-reply

                   redirect

                   location https://cc.site1.com/cc1/

               }

           }

           conditions {

               0 {

                   http-host

                   host

                   values { cc.site1.com }

               }

               1 {

                   http-uri

                   path

                   values { / }

               }

           }

       }

   }

   status published

   strategy first-match

}

Just remember not use more than 128 characters long due to following bugs which F5 has no fix nor workaround.

Bug ID 802721: Virtual Server iRule does not match an External Data Group key that's 128 characters long https://urldefense.proofpoint.com/v2/url?u=https-3A__cdn.f5.com_product_bugtracker_ID802721.html&d=DwICaQ&c=jOURTkCZzT8tVB5xPEYIm3YJGoxoTaQsQPzPKJGaWbo&r=8uinM8xMeFrMOkDZ2phZYseX0oh_en0gA_JkLK5cleM&m=FkYPCWdfw-iodN4Uru6InEH_3Z-LtRW-hP8bRXbPYhY&s=eDlupQDJVZn2lpMEDOs2wikwqHzD3g8n2Wl7Qc4n5m4&e=