Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1431
Views
0
Helpful
4
Replies

ACE filter by url

jbbouillet
Level 1
Level 1

‎01-09-2012 09:25 AM

Hi,

I want to redirect some url on a specific server of mywebfarm. The loadbalancing work but the specific rules I create based on http url not. (The loadbalancing dont keep the same server during the same user session by the way)

Here is my config :

access-list ANY line 8 extended permit icmp any any

access-list ANY line 16 extended permit ip any any

probe tcp PROBE_TCP

interval 30

passdetect interval 60

rserver host web1

ip address 172.16.0.101

conn-limit max 50000 min 40000

inservice

rserver host web2

ip address 172.16.0.102

conn-limit max 50000 min 40000

inservice

serverfarm host FARM_WEB

predictor leastconns

probe PROBE_TCP

rserver web1

   inservice

rserver web2

   inservice

serverfarm host SINGLE_WEB1

rserver web1

   inservice

parameter-map type http HTTP_PARAMETER_MAP

persistence-rebalance

class-map match-all L4-WEB-IP

2 match virtual-address x.x.x.x tcp eq www

class-map match-all L4-WEBHTTPS-IP

2 match virtual-address x.x.x.x tcp eq https

class-map type http loadbalance match-all L7CLASSWEB1

2 match http url http://www.mycompany*

class-map type http loadbalance match-all L7CLASSWEB1-Mycompany.com

2 match http url http://www.mycompany.com/*

class-map type management match-all REMOTE_ACCESS

2 match protocol ssh any

policy-map type management first-match REMOTE_MGMT_ALLOW_POLICY

class REMOTE_ACCESS

   permit

policy-map type loadbalance http first-match WEB_L7_POLICY

class L7CLASSWEB1

   serverfarm SINGLE_WEB1

class L7CLASSWEB1-Mycompany.com

   serverfarm SINGLE_WEB1

class class-default

   serverfarm FARM_WEB

   insert-http x-forward header-value "%is"

   insert-http X-FORWARDED-FOR header-value "%is"

policy-map multi-match WEB-to-vIPs

class L4-WEB-IP

   loadbalance vip inservice

   loadbalance policy WEB_L7_POLICY

   loadbalance vip icmp-reply active

   nat dynamic 1 vlan 2129

   appl-parameter http advanced-options HTTP_PARAMETER_MAP

class L4-WEBHTTPS-IP

   loadbalance vip inservice

   loadbalance policy WEB_L7_POLICY

   loadbalance vip icmp-reply active

   nat dynamic 1 vlan 2129

   appl-parameter http advanced-options HTTP_PARAMETER_MAP

...

...

Labels:
0 Helpful
4 Replies 4

Jorge Bejarano
Level 4
Level 4

‎01-09-2012 07:11 PM

Hello Jean

The first thing which comes to my mind when you say: "The loadbalancing dont keep the same server during the same user session by the way" is you  need to configure some stickiness configuration, here you have a link about it:

http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/vA5_1_0/configuration/slb/guide/sticky.html#wp1007300

'

For the redirection question, what exactly do you want to acomplish?

Here you have an example which might help you out: http://docwiki.cisco.com/wiki/URL_Load_Balancing_Using_One_Arm_Mode_with_Source_NAT_on_the_Cisco_Application_Control_Engine_Configuration_Example

ACE-1/onearm(config)# class-map slb-vip
ACE-1/onearm(config-cmap)# match virtual-address 172.16.5.101 any

ACE-1/onearm(config)# class-map type http loadbalance match-all images
ACE-1/onearm(config-cmap-http-lb)# match http url /images/.*

ACE-1/onearm(config)# policy-map type loadbalance http first-match slb-logic
ACE-1/onearm(config-pmap-lb)# class images
ACE-1/onearm(config-pmap-lb-c)# serverfarm imagefarm
ACE-1/onearm(config-pmap-lb-c)# class class-default
ACE-1/onearm(config-pmap-lb-c)# serverfarm webfarm

As you can see above in this partial configuration, you have the VIP:172.16.5.101, that is 
our website: www.example.com, now we want to match www.example.com/images/, this is where we 
aree using the other class-map and based on that we finally execute the action of sending the 
request to the serverfarm imagefarm.

Hope this helps!!!

Jorge

http://docwiki.cisco.com/wiki/URL_Load_Balancing_Using_One_Arm_Mode_with_Source_NAT_on_the_Cisco_Application_Control_Engine_Configuration_Example

0 Helpful

jbbouillet
Level 1
Level 1
In response to Jorge Bejarano

‎01-10-2012 11:31 PM

Hello,

thanks for your complete answer. I will look at the stickyness configuration wich seems to be my problem.

Concerning the redirection, for some website, I would like to use a specific farm(with only one server now). I tried to create rules as you can see (the configuration in my first post except the domain name is already inside the ace) but it doesn't seems to work (mycompany.com ie go to my server 1 & 2).

Thanks for your help.

JB

0 Helpful

Borys Berlog
Cisco Employee
Cisco Employee
In response to jbbouillet

‎01-11-2012 07:45 AM

Hi Jean

If you want to have matching by "url" which is used by customer to access your website, the most closest thing is to match not url keyword but http header field "host"

Something like that :

match http header Host header-value www.mycompany.*  (without http here)

At this topic I expalined more detailed what "url" keyword is and why you can't use it like you did in your configuration

https://supportforums.cisco.com/message/3530960#3530960

0 Helpful

jbbouillet
Level 1
Level 1
In response to Borys Berlog

‎01-11-2012 07:58 AM

Thanks again for your time.

I will check this point!

JB

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card