Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

Reverse Proxy using Cookie in iRule or Policy

Go to solution
MohanK
Altostratus
Altostratus

‎21-Apr-2021 10:27

Hello,

 

We need to add below irules/policy for google cloud reverse proxy:

 

1. The application will drop a cookie on the first request of https://abc.site.com

2. The LTM needs to detect this cookie when it intercepts the request. based on the cookie the request needs to be reverse proxy to a google cloud URL without changing the actual application URL.

 

Example:

Cookie name: Experience.

 

1. If the cookie exist:

 

abc.site.com -> def.site.com/home

 

Note: the URL in the browser should still be https://abc.site.com

 

2. If the cookie doesn't exist

 

https://abc.site.com no changes

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
SanjayP
MVP
MVP

‎21-Apr-2021 11:57 - last edited on ‎04-Jun-2023 20:56 by Fog

Create a pool for Google Cloud destination. Modify iRule with pool name accordingly. 

when HTTP_REQUEST {    
    if { ( [HTTP::cookie exists Experience] ) } {
     HTTP::header replace "Host" "def.site.com"	
     HTTP::uri /home
     pool def.site.com_pool	 
    }  else {
	 return
	}      
}

View solution in original post

9 REPLIES 9

Go to solution
SanjayP
MVP
MVP

‎21-Apr-2021 11:57 - last edited on ‎04-Jun-2023 20:56 by Fog

Create a pool for Google Cloud destination. Modify iRule with pool name accordingly. 

when HTTP_REQUEST {    
    if { ( [HTTP::cookie exists Experience] ) } {
     HTTP::header replace "Host" "def.site.com"	
     HTTP::uri /home
     pool def.site.com_pool	 
    }  else {
	 return
	}      
}

Go to solution
MohanK
Altostratus
Altostratus
In response to SanjayP

‎21-Apr-2021 20:50

Awesome! Thank you Sanjay. I'll Test and get back to you 🙂

0 Kudos

Go to solution
MohanK
Altostratus
Altostratus
In response to SanjayP

‎13-May-2021 04:19

Sanjay,

 

At this moment I'm selecting, this as a best answer.

I also have one more query - Pool member is going to be an external VIP Address, does it respond to health monitor just like all other server node ?

0 Kudos

Go to solution
MohanK
Altostratus
Altostratus
In response to SanjayP

‎11-Jun-2021 23:53

This rule worked, as exactly what we expected, I have added few other parameters for the special requirement. Thank you so much again, Sanjay 🙂

0 Kudos

Go to solution
MohanK
Altostratus
Altostratus

‎26-Apr-2021 09:37

Sanjay, actually https://def.site.com/home is external url, so we don’t have any pool internally. Can I just remove only the pool part from the above iRule to forward to an external url ? Or is there any other condition to add ?

0 Kudos

Go to solution
SanjayP
MVP
MVP
In response to MohanK

‎26-Apr-2021 10:55

To forward to that destination without modifying a original URL, you need to add the pool or node.

I understand, you might not have a pool currently, but you would need to create a pool with the site IP address and enable routing (if needed) and open FW.

Alternatively, you can just send a redirect to a client to that external URL, but it would change the URL and your requirement is to keep the original URL intact in the browser if I understand it correctly.​

0 Kudos

Go to solution
MohanK
Altostratus
Altostratus

‎26-Apr-2021 11:10

Yes, your understanding is correct!

 

I believe first option is more complex. I would try to insist for the second option.

 

Thank you so much for the quick reply, I’ll check with the team, how they would like to implement.

 

0 Kudos

Go to solution
SanjayP
MVP
MVP
In response to MohanK

‎26-Apr-2021 11:16 - last edited on ‎04-Jun-2023 20:56 by Fog

Do you have any issues with iRule for option#1? Once you open the connectivity from F5 to external site on port 443, it should work. If you got any specific issues let us know.

In case you want to go ahead with option#2 of issuing a redirect to client. Below would be the iRule. 

when HTTP_REQUEST {    
    if { ( [HTTP::cookie exists Experience] ) } {
     HTTP::respond 301 Location "https://def.site.com/home"
    }  else {
	 return
	}      
}

0 Kudos

Go to solution
MohanK
Altostratus
Altostratus

‎26-Apr-2021 11:27

The First iRule you provided pretty match with our requirement except the pool pointing, which I believe difficult to solve by enabling routing, I’ll try to look at the routing part and firewall and see if that possible to fix, which I meant more complex not your iRule 😊 and thank you for the redirect iRule as well.

 

Yes, I’ll definitely let you know the outcome, most probably we will try this coming week or next.

 

 

0 Kudos
Copyright © 2023 Khoros, LLC