Route traffic to specific sorry server path

Question

Hi all,Quick background on simple setup:I have virtual server setup with 443 with two pool members it has no ssl offloading on F5 it and no http profile setup, the condition for traffic to be sent to sorry server is if all the pool members are down. I managed to get an iRule working for this request as shown below.&nbsp;when CLIENT_ACCEPTED {&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if { [active_members [LB::server pool]] == 0 } {&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; persist none&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; pool Sorry_Pool&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }}&nbsp;The issue I have now is the client came back requesting since there maintenance page on the sorry server isn’t at root the maintenace page isn't showing up when i forward the traffic to sorry server. Therefor the client want to forward the traffic to specific url “/down” on the sorry server from the F5 when all the pool members are down. Can someone tell me how can I add to my existing iRule or I need a new iRule to accomplish the request to send the traffic to sorry server when all the pool members are down to specific path on the sorry server /down?&nbsp;

kai_wilke · Accepted Answer

Hi Helloworld,
yes,&nbsp;you would need to install the sites SSL certificates on your F5 to intercept/terminate/ansylse/offload the HTTPS communication&nbsp;(many names for the same approach). Without doing this, the F5 would not be able to to interact with your client on the HTTP protocol layer. This layer is required to perform HTTP redirects.
And yes, if the Sorry web server support lets say .htaccess or mod_rewrite you can teach the Sorry server to redirect or rewrite request for "/" (Root-Web) to the "/down" maintenance page. you would fix your issues on the server itself...
Cheers, Kai
&nbsp;
&nbsp;

kai_wilke · Answer

Hi Helloworld,
You would need to change your VS setup and enable SSL inspection and HTTP profile to send such HTTP redirects.
It would be probably more effective to review the setup of your Sorry_Pool. Clarify if the pool supports things like .htaccess, mod_rewrite&nbsp;or Proxy-Pass.
Cheers, Kai

leslie_hubertus · Answer

helloworld, if&nbsp;Kai_Wilke&nbsp;isn't able to come back to this thread in the next day or so, I'll see if one of my colleagues can weigh in. Though you're certainly in good hands with Kai!

helloworld · Answer

When you say SSL inspection I would need to get the certs installed on the F5 in order to be able to decrypt to allow the LTM to make intelligent decesions to be able to redirect? Would you say from the F5 prespective without the offloading the certs on the F5 we can't forward the traffic to specfic url on to the sorry server?

Since i belive they are running Apache for the sorry server on the backend it might support .htaccess or mod_rewrite. Is your train of thought maybe having them doing it at the server level if it supports htaccess or mod_rewrite?

kai_wilke · Answer

Thanks for the reminder. I somehow missed the response...&nbsp;🙄&nbsp;
Cheers, Kai

Forum Discussion

Route traffic to specific sorry server path

5 Replies

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Failover for specific virtual server

fellow traffic

How to get Virtual servers associated with a specific SNAT pool

ASM Local Traffic Policy to redirect on specific URL

Example of Static Variables with Virtual Server specific settings