02-23-2005 09:30 AM
Having a hard time to get a load balanced redirect working on the css.
What i want to do...
VIP accepts the client request and instead of forwarding it simply to port 80 on the backend it redirects it to "hostname.domain:50000/dir/".
I have read the two docs on redirecting but haven't been able to produce a working config so far. I am a bit confused which approach to take.
What configuration would be correct for the services?
service 1
ip a.b.c.d
type redirect
redirect string "hostname.domain:50000/dir/"
or
service 1
ip a.b.c.d
domain http://hostname.domain:50000/dir"
no prepend-http
---
Another thing is how do i configure the content rules. Do i only need a single rule which listenes on port 80 and just add the service or do i have to create a second rule which then listenes on port 50000.
content rule1
vip address 10.10.10.1
add service server1
protocol tcp
port 80
url "/"
active
or and additional rule like...
content rule2
vip address 10.10.10.1
add service server1
protocol tcp
port 50000
url "/"
active
Thanks for Reading!
Ps: Any advice on a good book for the CSS Series Switches?
02-24-2005 12:38 AM
you can't use domain if you want to redirect to a specific url [that is a domain + a path].
The command domain is if you just want to replace the domain part of the url.
You need a rule 80 to catch the first request and apply the redirect.
You may need a rule 5000 if you also want to intercept this traffic and loadbalance it.
This is all explained at
Regards,
Gilles.
02-24-2005 06:02 AM
I already read that example and it doesn't seem to fit for my case.
I have four servers which start their services at the path fqdn/path/.
For design reasons they need to be load balanced and appear as a single url. We have created an Record (A) in the DNS whicht points to the VIP.
service.domain.de -> 10.10.10.1
The entry directory on the server itself "/path/" is a local redirector which points to
localserver1.domain.de:50000/path/
localserver2.domain.de:50200/path/
localserver3.domain.de:50300/path/
localserver4.domain.de:50400/path/
I am able to configure a service entry for each with type redirect and use as redirect-string "/ip/path".
service redirect-localserver1-http
ip address 192.168.1.1
type redirect
no prepend http
redirect-string "http://192.168.1.1/path/"
active
my content rule looks like this
owner test
content redirect-http
protocol tcp
port 80
url "/*"
add service redirect-localserver1-http
active
The result of this rule is a working redirect based on IP address. Looks in the browser like "http://192.168.1.1/path/".
But what i need is the same thing based upon the A Record. "service.domain.de/path".
If i change the service redirect-string to "http://service.domain.de/path" i end up in a loop on the CSS.
If i understood correct i need to provide another content rule which intercepts the redirected page now. I tried different approaches but none seems to work.
Funny thing is, if i use a "global redirect" in the content rule the redirection does not work at all. Serverlog shows a "Get /" which is not what i need.
content default-redirect
redirect "//service.domain.de/path"
protocol tcp
port 80
url "/*"
add service redirect-localserver1-http
active
Any advice on what to do?
02-24-2005 07:10 AM
Sorry but you're not clear.
What is the url that will be entered and where do you want to redirect it.
Do you need to intercept the redirect ?
The page I gave shows the different options possible on the CSS to configure redirect.
You have to use one of these options to fit into your case.
Again, if you want to preserve the path provided by the client, all you can do is change the domain name with the domain command.
If you want to override the path, you need to use the redirect-string command.
If you want to keep part of the path or override just part of the path, this is not possible.
Gilles.
02-24-2005 08:10 AM
The URL the user will enter "www.mysite.com" which points to the vip.
The back end consists of 4 server. Which start their content at a directory one below root and redirect internal to a high port (5000,50200 etc.).
server1.mysite.com/path/
server2.mysite.com/path/
I want a content rule which redirects the url entered www.mysite.com to www.mysite.com/path/.
Because of reasons i can not influence we can't just simply redirect at the root of each server. So i have to redirect first on the CSS.
I got it working for http now and still have no clue if will work for https as well.
The Application we are trying to load balance this way is an SAP Enterprise Portal 6 running on IIS6 (Win2K3 Server).
I will post some part of my config now.
-------
owner Portal
content http-catch
port 80
protocol tcp
url "//www.mysite.com/irj*"
vip address x.y.z.21
add service http-sas00572
add service http-sas00573
add service http-sas00574
add service http-sas00575
active
content https-catch
application ssl
advanced-balance ssl
sticky-inact-timeout 5
balance aca
protocol tcp
port 443
url "//www.mysite.com/irj*"
vip address x.y.z.21
add service http-sas00571
add service http-sas00572
add service http-sas00573
add service http-sas00575
active
content redirect-http
protocol tcp
port 80
url "/*"
vip address x.y.z.21
add service redirect-http-sas00572
add service redirect-http-sas00573
add service redirect-http-sas00574
add service redirect-http-sas00575
balance aca
advanced-balance sticky-srcip
sticky-inact-timeout 5
active
content redirect-https
protocol tcp
port 443
url "/*"
vip address x.y.z.21
add service redirect-https-sas00572
add service redirect-https-sas00573
add service redirect-https-sas00574
add service redirect-https-sas00575
active
----------
service http-sas00572
ip address a.b.c.182
active
service http-sas00573
ip address a.b.c.183
active
service redirect-http-sas00572
ip address a.b.c.182
type redirect
keepalive type http
port 50000
keepalive frequency 15
keepalive retryperiod 15
keepalive uri "/index.html"
no prepend-http
redirect-string "http://a.b.c.182:8080/"
active
service redirect-http-sas00573
ip address a.b.c.183
type redirect
keepalive type http
port 50200
keepalive frequency 15
keepalive retryperiod 15
keepalive uri "/index.html"
no prepend-http
redirect-string "http://a.b.c.183:8080/"
active
service redirect-https-sas00572
ip address a.b.c.182
type redirect
keepalive type http
port 50000
keepalive frequency 15
keepalive retryperiod 15
keepalive uri "/index.html"
no prepend-http
redirect-string "https://a.b.c.182/irj/"
active
service redirect-https-sas00573
ip address a.b.c.183
type redirect
keepalive type http
port 50200
keepalive frequency 15
keepalive retryperiod 15
keepalive uri "/index.html"
no prepend-http
redirect-string "https://a.b.c.183/irj/"
active
02-24-2005 10:31 AM
ok - glad you could make it work for HTTP.
Now, for HTTPS, it will be difficult.
The advantage of HTTPS over HTTP is that the traffic is encrypted.
So nobody else than the source and the destination can see it.
Which means the CSS can't see the URL and can't respond with a redirect.
You need an ssl module to decrypt the traffic in order to do this.
Regards,
Gilles.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide