Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

forcing traffic to a particular url

Hello

I would like to be able to force traffic destined for this url http://test.eircom.ie to go to service A and traffic for http://test.eircom.ie/ws to go to service B.

How might I do this?

Thanks

Donagh

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: forcing traffic to a particular url

Here you go:

owner MyCompany

content WS

vip x.x.x.x

proto tcp

port 80

url "/ws/*"

add service service_B

active

content Any

vip x.x.x.x

proto tcp

port 80

url "/*"

add service service_A

active

6 REPLIES
Cisco Employee

Re: forcing traffic to a particular url

Donagh,

could you please specify what hardware you are using.

You will need a L7 rule to match on the url, but the config is different depending on the hardware.

Gilles.

Community Member

Re: forcing traffic to a particular url

Hi Gilles

Thanks for your reply.

I am using a CSS11503.

Regards

Donagh

Cisco Employee

Re: forcing traffic to a particular url

Here you go:

owner MyCompany

content WS

vip x.x.x.x

proto tcp

port 80

url "/ws/*"

add service service_B

active

content Any

vip x.x.x.x

proto tcp

port 80

url "/*"

add service service_A

active

Community Member

Re: forcing traffic to a particular url

Gilles

You're a top man.

Thanks

Donagh

Community Member

Re: forcing traffic to a particular url

Hi Gilles

I have tried to implement this but I cannot get it to work. The big difference is that I am trying to do this for SSL traffic. Here is my config

content TEST-ssl

vip address 10.40.21.26

application ssl

add service tst01-SSL-2443

add service tst01-ssl-2444

advanced-balance sticky-srcip

protocol tcp

port 443

url "/*"

active

content TEST-ssl-01

vip address 10.40.21.26

add service tst01-SSL-2445

add service tst01-SSL-2446

application ssl

advanced-balance sticky-srcip

protocol tcp

port 443

url "/WS/*"

active

Traffic destined for https://test.eircom.ie/go gets transferred to ports 2445 and 2446. Traffic destined for https://test.eircom.ie/WS does not work and returns a "page cannot be displayed" error.

Traffic for "/WS/*" is being delivered to the webserver by means of a POST using a service called SOAP over HTTP. Perhaps that makes a difference to the operation?

Thanks

Donagh

Cisco Employee

Re: forcing traffic to a particular url

Donagh,

the big difference with ssl is that traffic is encrypted so nobody (including the CSS) can see the data. Therefore the CSS does not see the url and it fails to match a content rule.

The first rule is ok because the url is match any.

You need an ssl module to do this.

Gilles.

224
Views
0
Helpful
6
Replies
CreatePlease to create content