Turn on suggestions
![]() Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
|
06-16-2014 06:21 AM
Hello people interesting:
There is question how to implement CSW redirection according scenario bellow:
There are records:
b1.site.com
b2.site.com
b3.site.com
All records resolve to one ip. - 1.1.1.1
Users should create request:
https://b1.site.com and should redirected to http://site.com: port1
https://b2.site.com and should redirected to http://site.com: port2
https://b3.site.com and should redirected to http://site.com: port3
The site.com - also VIP on another ADX.
According this scenario SSL offload should be implemented, but how exactly should be implemented CSW rules?
The following config doesnt work:
csw-rule "b1" header "host" equals "b1.site.com"
csw-rule "b2" header "host" equals "b2.site.com"
csw-rule "b3" header "host" equals "b3.site.com"
csw-policy "site"
match "b1" redirect "*" "*" port1 301
match "b2" redirect "*" "*" port2 301
match "b3" redirect "*" "*" port3 301
server remote-name server 2.2.2.2
source-nat
port port1
port port2
port port3
server virtual Site 1.1.1.1
predictor round-robin
port port1 sticky
port port2 sticky
port port3 sticky
port ssl sticky
port ssl ssl-terminate sslprofile
port ssl csw-policy "site"
port ssl csw
bind port1 server port1
bind port2 server port2
bind port3 server port3
Without SSL configuration it is also doesnt work.
Probably need to implement another binding or another CSW policy?
06-17-2014 05:17 PM
Hi
You can configure your adx like this to achieve the desired redirection:
csw-rule "b1" header "Host" equals "b1.site.com"
csw-rule "b2" header "Host" equals "b2.site.com"
csw-rule "b3" header "Host" equals "b3.site.com"
!
csw-policy "site"
match "b1" forward 1000
match "b2" forward 1001
match "b3" forward 1002
server real rs1 x.x.x.x
port 8080
port 8080 group-id 1000 1000
port 8081
port 8081 group-id 1001 1001
port 8082
port 8082 group-id 1002 1002
!
server real rs2 x.x.x.x
port 8080
port 8080 group-id 1000 1000
port 8081
port 8081 group-id 1001 1001
port 8082
port 8082 group-id 1002 1002
!
server virtual vs1 20.20.20.189
port http
port http csw-policy "site"
port http csw
port http keep-alive
bind http rs1 8080 rs1 8081 rs1 8082 rs2 8080
bind http rs2 8081 rs2 8082
When the rule b1 is hit it will select a port with group-id 1000 from the server rs1 and rs2.
You may also want to add a default rule in the policy for what to do in case the url does not match.
-Mohit