Application Delivery (ADX)

Reply
Occasional Contributor
Posts: 7
Registered: ‎01-30-2013

CSW redirection

Hello people interesting:

There is question how to implement CSW redirection according scenario bellow:

There are records:

b1.site.com

b2.site.com

b3.site.com

All records resolve to one ip. - 1.1.1.1

Users should create request:

 

https://b1.site.com and should redirected to http://site.com: port1

https://b2.site.com and should redirected to http://site.com: port2

https://b3.site.com and should redirected to http://site.com: port3

 

The site.com - also VIP on another ADX.

 

According this scenario SSL offload should be implemented, but how exactly should be implemented CSW rules?

 

 

The following config doesnt work:

csw-rule "b1" header "host" equals "b1.site.com"
csw-rule "b2" header "host" equals "b2.site.com"
csw-rule "b3" header "host" equals "b3.site.com"

 

csw-policy "site"
match "b1" redirect "*" "*" port1 301
match "b2" redirect "*" "*" port2 301
match "b3" redirect "*" "*" port3 301

 

server remote-name server 2.2.2.2
source-nat
port port1
port port2
port port3

 

server virtual Site 1.1.1.1

predictor round-robin
port port1 sticky
port port2 sticky
port port3 sticky

port ssl sticky

port ssl ssl-terminate sslprofile
port ssl csw-policy "site"
port ssl csw

bind port1 server port1

bind port2 server port2
bind port3 server port3

 

Without SSL configuration it is also doesnt work.

Probably need to implement another binding or another CSW policy?

 

Contributor
Posts: 74
Registered: ‎08-18-2011

Re: CSW redirection

Hi 

You can configure your adx like this to achieve the desired redirection:

 

csw-rule "b1" header "Host" equals "b1.site.com"
csw-rule "b2" header "Host" equals "b2.site.com"
csw-rule "b3" header "Host" equals "b3.site.com"
!
csw-policy "site"
match "b1" forward 1000
match "b2" forward 1001
match "b3" forward 1002

 

server real rs1 x.x.x.x
port 8080
port 8080 group-id 1000 1000
port 8081
port 8081 group-id 1001 1001
port 8082
port 8082 group-id 1002 1002
!

server real rs2 x.x.x.x
port 8080
port 8080 group-id 1000 1000
port 8081
port 8081 group-id 1001 1001
port 8082
port 8082 group-id 1002 1002
!

 

server virtual vs1 20.20.20.189
port http
port http csw-policy "site"
port http csw
port http keep-alive

bind http rs1 8080 rs1 8081 rs1 8082 rs2 8080

bind http rs2 8081 rs2 8082

 

When the rule b1 is hit it will select a port with group-id 1000 from the server rs1 and rs2. 

You may also want to add a default rule in the policy for what to do in case the url does not match.

 

-Mohit

-Mohit Sahni

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.