cancel
Showing results for 
Search instead for 
Did you mean: 

Rewrite profile - any better way?

Piotr_Lewandows
Altostratus
Altostratus

Hi,

 

I wonder is there is any simpler way to achieve something described below:

 

Scenario:

 

  • Single VS - IP mapped to few external FQDNs
  • Each external FQDN maps to virtual host on the same backend server (so traffic accepted only if there is Host header match in request send from BIG-IP to backend)
  • There is possibility that some links returned from backend (in content) are not relative and can use backend srv FQDN.

Setup:

 

Local Traffic Policy forwarding traffic to appropriate pool based on host header in request from client - sure it could be one pool but because FQDN nodes has to be used I guess separate pools are needed - or not?

 

Then Rewrite profile with URI rules for each ext FQDN to int FQDN with Rewrite Header, Rewrite content set, like * -> * -> * -> * and so on

 

When redirect from http to https (send from backend) is needed then another Rewrite profile is necessary for HTTPS VS: * -> * -> * -> * and so on

 

It is working OK but requires plenty of objects to be configured, everything has to be entered by hand, in few places and cause a lot of work and possibility to make mistake 😞

 

Is there any other way (simpler, less error prone) to achieve the same goal?

 

Piotr

 

4 REPLIES 4

rob_carr
MVP
MVP

Is there any other way (simpler, less error prone) to achieve the same goal?

 

No, not really. Prior to the rewrite profile, you would have needed to use a datagroup and either an iRule or Traffic Policy to accomplish the same goal, which I think many would find to be more difficult than the setup you've described.

 

Stanislas_Piro2
Cumulonimbus
Cumulonimbus

Is there any other way (simpler, less error prone) to achieve the same goal?

 

of course there is! this will also optimize F5 and servers performances:

 

CONFIGURE INTERNAL SERVER TO ACCEPT EXTERNAL HOSTNAME AND TO RESPOND WITH RELATIVE URI

dragonflymr
Cirrus
Cirrus

Hi,

 

Assuming that using Rewrite profile is only option (even if worst one) how to solve missing trailing / issue?

 

If URI Rule is like that:

 

and user will send request without trailing /, like /old

 

URI rule will not catch such request.

 

Some web servers (for sure my IIS) is sending back redirect when receiving such request (but I doubt it's standard behavior for all types of web servers?) so client will be redirected to /old/ and then URI rule fires.

 

But it's not perfect - if backend server will not send redirect then everything breaks up. Even if it will send then it is not best situation as /old request are still reaching backend.

 

I am right now using iRule I found on DevCentral to fix such requests at VS level, because iRule is executed before Rewrite profile it seems to be working solution.

 

But maybe it's not a right approach, maybe I am missing something important that could break backend server functionality somehow?

 

Piotr

 

Hi Piotr,

Can you share the irule if possible

 

Regards