Application Delivery (ADX)

Reply
New Contributor
Posts: 4
Registered: ‎11-06-2009

CSW policy for forwarding sub directories

I am having an issue forwarding traffic in the following manner:

www.company.com --> 10.10.1.1

www.company.com/portal1 --> 10.10.1.2

www.company.com/portal2 --> 10.10.1.2

etc...

I need the highlevel domain to go to one server and the sub directories to go to another server. Here is what I tried:

csw-rule lp-r1 url prefix "/portal1"

csw-rule lp-r2 url prefix "/portal2"



csw-policy legacy-portals

match lp-r1 forward 10

match lp-r2 forward 10



server real legacy-portal 10.10.1.2

port http

port http url "HEAD /"

port http group-id  10 10



server real new-site 10.10.1.1

port http

port http url "HEAD /"



server virtual web-proxy-vip 10.10.3.45

port http

port http csw-policy "legacy-portals"

port http csw

bind http  new-site http



When I test, I get 'Broken Link'. I try to see if the CSW-policy is actually getting hit but the 'sh csw-policy' does not show any hits. The 'www.company.com' works but the sub directories don't.

Any ideas?

Super Contributor
Posts: 316
Registered: ‎05-01-2009

Re: CSW policy for forwarding sub directories

The configuration does not look to bad but there are some things I miss:

1. add a default action to the policy:

csw-policy legacy-portals

match lp-r1 forward 10

match lp-r2 forward 10

default forward 20

2. add group-id 20 to the new-site real server:

server real new-site 10.10.1.1

port http

port http url "HEAD /"

port http group-id 20 20

3. add the legace-portal server to the virtual server bindings:

server virtual web-proxy-vip 10.10.3.45

port http

port http csw-policy "legacy-portals"

port http csw

bind http  new-site http legacy-portal http

"show csw-policy legacy-portals" should show some hits in case you are trying to access one of the sub directories. I would suggest to take a trace at the client as well to see if the server is sending a redirect back using the real server IP or something different from the VIP as redirect location. I hope you have checked that all real servers are up and running (show server bind and show log).

New Contributor
Posts: 4
Registered: ‎11-06-2009

Re: CSW policy for forwarding sub directories

I see what you are getting at. I assumed that if the CSW policy was not matched, it would then follow the bind statement in the VIP. If I wanted to log the connections, can I just add a log action in the policy like this? Will this log AND forward?

csw-policy legacy-portals

match lp-r1 log "$SIP:$SPT->$DIP$DPT, $URL ,rule:$RUL,action:$ACT"

match lp-r1 forward 10



I will try your suggestions and provide feed back but you definitely pointed out a problem in how I thought this would work.

Thanks

Super Contributor
Posts: 316
Registered: ‎05-01-2009

Re: CSW policy for forwarding sub directories

I would go for the config changes first of all. There are better ways to debug stuff then the log actions to be honest. show csw-policy should tell you about the hits and a trace using debug filter is going to tell you what is coming in and what is going out (I have written a wiki related to debug filter). Last but not least there is something calle "url debug" at the rconsole level in case it is really necessary to troubleshot this.

New Contributor
Posts: 4
Registered: ‎11-06-2009

Re: CSW policy for forwarding sub directories

"There are better ways to debug stuff then the log actions to be honest"

Yeah. I was looking at using the 'log' function mainly for reporting purposes through syslog. The software I use for syslog can be trained to watch this and generate reports etc. Thanks for the feedback though and for the help.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

Click to Register
Download FREE NVMe eBook