cancel
Showing results for 
Search instead for 
Did you mean: 

Redirecting public facing URL to an internal non public facing URL

SteveD1979
Nimbostratus
Nimbostratus

Hi I am trying to set up a rule that will allow external users hitting an external facing URL that resolves to a VIP on our DMZ LTMs and redirects them to an internal non public facing URL on our internal pair of LTMs based on the URI.  Is this possible?

1 REPLY 1

CA_Valli
Cumulonimbus
Cumulonimbus

Hello, it is possible either with iRule or with LTM policy. 

iRules usually allow for more flexibility since they aren't limited to specific pre-coded instruction sets, while LTM policy performs much better (for same instructions, irule usually is 20% slower)

I would not set up a HTTP::redirect to hosts that can't be accessed by the public, but you can load balance the requests setting the internal LTM Virtual Server IP:port socket as a pool member. If you need to modify the packet beforehand (eg. rewriting URL or Host) there's tools that allow it in both iRule and LTM policy. 

I can try to provide sample code 

 

 

 

when HTTP_REQUEST {
	#I'd recommend switch if you have few exact matches for your URI, eg. on HOST header
	#I'd also recommend switch if you need to perform different actions on every match 
	switch -glob [string tolower [HTTP::host]] {
  
		test1.domain.com { pool <pool_name> }
		test2.domain.com { pool <pool_name> }
		test3.domain.com { 
			pool <pool_name>
			HTTP::header replace Host "newhost.domain.com" #sample rewrite (not a redirect)
		}
	}


	#Alternatively, I'd recommend data group if you need to perform a single few actions on a long list of possible match 
	#read as: does the uri contain an element of datagroup_path_rewrite (case sensitive)
	if {[class match [HTTP::uri] contains datagroup_path_rewrite]} {
		HTTP::path /newpath/portal.js #this rewrites the URI path before senting traffic to BE server
	}
}

 

 

 

To work with Data Group you must first configure one in Local Traffic > iRules > Data Groups, example below

 

 

ltm data-group internal /Common/datagroup_path_rewrite {
 records {
 /oldsubfolder1/ { }
 /oldsubfolder2/ { }
 /oldsubfolder3/ { }
 /oldsubfolder4/ { }
 /oldsubfolder5/ { }
 }
 type string
}