Solved: Re: LB redirection configuration ACE30

fsarisac · ‎05-11-2011

Hi,

I have two server farms and each includes two real servers on my ACE30. (See the basic

configuration below)

They have 2 VIP's. (10.10.10.101, 10.10.10.102)

One of them serves as http://vip1/path1/index.html
and the other serves as http://vip2/path2/index.html

My need is to define one more VIP (for example 10.10.10.100) and make a redirection to

appropriate server farm in according to url.

For example;

When user go to link http://vip3/path1 user must be redirected server farm1 (http://vip1/path1/index.html);
When user go to link http://vip3/path2 user must be redirected server farm2. (http://vip2/path2/index.html).

I don't know how to make this. If anyone help, it will be highly appreciated.

Thanks,
Ferruh

access-list ALL line 16 extended permit ip any any

probe tcp HTTP
interval 5
faildetect 2
passdetect interval 10
passdetect count 2
open 3

rserver host SERVER1
ip address 10.10.10.10
inservice
rserver host SERVER2
ip address 10.10.10.11
inservice
rserver host SERVER3
ip address 10.10.10.12
inservice
rserver host SERVER4
ip address 10.10.10.13
inservice

serverfarm host SF1
predictor leastconns
probe HTTP
rserver SERVER1
inservice
rserver SERVER2
inservice

serverfarm host SF2
predictor leastconns
probe HTTP
rserver SERVER3
inservice
rserver SERVER4
inservice

class-map match-all VIP1
2 match virtual-address 10.10.10.101 tcp eq www

class-map match-all VIP2
2 match virtual-address 10.10.10.102 tcp eq www

class-map type management match-any mgmt-cm
2 match protocol https any
3 match protocol icmp any
4 match protocol snmp any
5 match protocol ssh any

policy-map type management first-match mgmt-pm
class mgmt-cm
permit

policy-map type loadbalance first-match TEST-SERVERS1
class class-default
serverfarm SF1

policy-map type loadbalance first-match TEST-SERVERS2
class class-default
serverfarm SF2

policy-map multi-match TEST-POLICY
class VIP1
    loadbalance vip inservice
    loadbalance policy TEST-SERVERS1
    loadbalance vip icmp-reply
class VIP2
    loadbalance vip inservice
    loadbalance policy TEST-SERVERS2
    loadbalance vip icmp-reply

interface vlan 10
description "VLAN in bridged mode."
bridge-group 1
access-group input ALL
service-policy input mgmt-pm
service-policy input TEST-POLICY
no shutdown

interface vlan 20
description "LOADBALANCE VLAN on the bridge."
bridge-group 1
access-group input ALL
no shutdown

interface bvi 1
ip address 10.10.10.2 255.255.255.0
no shutdown

ip route 0.0.0.0 0.0.0.0 10.10.10.1

Daniel Arrondo Ostiz · ‎05-12-2011

Hi Ferruh,

In this situation, you have two possible ways to approach your setup

The first one, which is the one I would personally recommend would be configure this new vip with a L7 configuration and directly load-balance the traffic to the correct serverfarm. The configuration would be similar to the one below (I'm only putting the parts that are either new or modified):

class-map type http loadbalance match-all URL1
  2 match http url /path1/*

class-map type http loadbalance match-all URL2
  2 match http url /path2/*

policy-map type loadbalance first-match TEST-SERVERS3
 class URL1
 serverfarm SF1

  class URL2
    serverfarm SF2

policy-map multi-match TEST-POLICY
  class VIP1
    loadbalance vip inservice
    loadbalance policy TEST-SERVERS1
    loadbalance vip icmp-reply
  class VIP2
    loadbalance vip inservice
    loadbalance policy TEST-SERVERS2
    loadbalance vip icmp-reply
  class VIP3
    loadbalance vip inservice
    loadbalance policy TEST-SERVERS3
    loadbalance vip icmp-reply

The second alternative is configuring the same kind of URL matching as before, but instead of load-balancing directly, redirecting the traffic to one of the other two VIPs. In this case, the configuration would be:

rserver redirect redirect_server1
  webhost-redirection http://vip1/path1/index.html
  inservice

serverfarm redirect redirect_farm1
  rserver redirect_server1
    inservice

policy-map type loadbalance first-match TEST-SERVERS3
  class URL1
    serverfarm redirect_farm1

  class URL2
    serverfarm redirect_farm2

I hope this helps

Daniel

View solution in original post

Daniel Arrondo Ostiz · ‎05-12-2011

Hi Ferruh,

In this situation, you have two possible ways to approach your setup

The first one, which is the one I would personally recommend would be configure this new vip with a L7 configuration and directly load-balance the traffic to the correct serverfarm. The configuration would be similar to the one below (I'm only putting the parts that are either new or modified):

class-map type http loadbalance match-all URL1
  2 match http url /path1/*

class-map type http loadbalance match-all URL2
  2 match http url /path2/*

policy-map type loadbalance first-match TEST-SERVERS3
 class URL1
 serverfarm SF1

  class URL2
    serverfarm SF2

policy-map multi-match TEST-POLICY
  class VIP1
    loadbalance vip inservice
    loadbalance policy TEST-SERVERS1
    loadbalance vip icmp-reply
  class VIP2
    loadbalance vip inservice
    loadbalance policy TEST-SERVERS2
    loadbalance vip icmp-reply
  class VIP3
    loadbalance vip inservice
    loadbalance policy TEST-SERVERS3
    loadbalance vip icmp-reply

The second alternative is configuring the same kind of URL matching as before, but instead of load-balancing directly, redirecting the traffic to one of the other two VIPs. In this case, the configuration would be:

rserver redirect redirect_server1
  webhost-redirection http://vip1/path1/index.html
  inservice

serverfarm redirect redirect_farm1
  rserver redirect_server1
    inservice

policy-map type loadbalance first-match TEST-SERVERS3
  class URL1
    serverfarm redirect_farm1

  class URL2
    serverfarm redirect_farm2

I hope this helps

Daniel

fsarisac · ‎05-12-2011

Hi Daniel,

It worked good.

Thanks for your help.

Ferruh