Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 

TCL Error with F5 Verified iRule "_sys_https_redirect"


Hi guys,


I've noticed that we're seeing the following message logged in our BIG-IP LTM logs after upgrading our BIG-IP LTMs from version 12.1 to 14.1 (specifically going from to

err tmm[11128]: 01220001:3: TCL error: /Common/_sys_https_redirect <HTTP_REQUEST> - Can't call after responding - ERR_NOT_SUPPORTED (line 1)   invoked from within "HTTP::host"


I'm aware of and the fix (I've used the fix on many of our existing iRules with success). But I can't apply the same fix for this rule because of it is one of the sacred F5 verified iRules. The rule still works without any issues visible to the end user, but the sysadmin in me likes to fix the source of errors that I see in the logs, if possible.







Do you have multiple iRules on the same vServer?

Hi Mayur,


Thanks for the response. I didn't even think of that. Usually with our HTTP virtual servers that only exist to redirect to their HTTPS counterparts, there is usually only the "_sys_https_redirect" iRule. But it's possible there may be HTTP virtual servers with the _sys_https_redirect iRule and another iRule.


Problem is though is that we have a couple thousand virtual servers with maybe a third of them only existing for HTTP-to-HTTPS redirection. Will need to write a quick script to find all the virtuals that have the "_sys_https_redirect" iRule attached and another iRule.


Thanks for the advice! Will reply back with what I find.


That was it! Out of the 600+ HTTP-to-HTTPS redirect virtuals with the _sys_https_redirect iRule, a handful of them had second iRules that had HTTP::respond events. I just removed those secondary iRules after I determined I didn't need them to do what they were doing. Logs look good now. Thanks again for your help!

If anyone is curious, I came up with the below bash script to quickly find the culprit virtuals (I didn't have enough time to get fancy though so it just echos the comma-delimited output to stdout).

VIRTUALS=$(tmsh list ltm virtual one-line | grep -i ${IRULE} | cut -d' ' -f3)
    IRULES=$(tmsh list ltm virtual "${VS}" one-line | grep rules | sed -e 's/.* rules { //' -e 's/ }.*//')
    echo "$VS,$IRULES"

I suspected the same that it was due to other iRules. I am glad it helped you.

Also thanks for sharing above script. Cheers!