Guest

Cisco CSS 11500 Series Content Services Switches

Configuring Redirects on the CSS 11000

Cisco - Configuring Redirects on the CSS 11000 and CSS 11500

Document ID: 25843

Updated: Jan 31, 2006

   Print

Introduction

This document describes what happens when a client connects to a Virtual IP (VIP) address and the switch is configured to send a redirect back to the client. There are two different types of redirects on the Cisco CSS 11000 and CSS 11500 Series Content Services Switches: the content rule redirect and the service redirect. These two types of redirects are different in the way that they append information to the domain name, as well as when they are applied to the traffic that hits the associated VIP.

Prerequisites

Requirements

There are no specific requirements for this document.

Components Used

This document is not restricted to specific software and hardware versions.

The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command before you use it.

Conventions

For more information on document conventions, refer to the Cisco Technical Tips Conventions.

Examples

Example 1: To Change a Web site over to a New Domain Name

The client browses www.arrowpoint.com/index.html, which resolves to 206.25.90.84. The switch configuration is shown here.

!************************** SERVICE ************************** 
service AC 
 ip address 2.2.2.2 
 keepalive type none 
 type redirect 
 domain www.cisco.com/customers 
 active 

The IP address of the service must be a private address, because this device is not necessary in your network. You have to shut off keepalives so that the service stays alive; the IP address that you specify does not reflect any devices in your network. The type redirect command is used to make the service a redirect service. The domain must reflect where the client is redirected. In place of an actual domain, such as www.cisco.com, you can enter an IP address. However, you must understand that the IP address shows up in the client's browser (this is only a concern if you are certain that your domain name needs to show up in the client's browser).

!*************************** OWNER *************************** 
owner ARC 
 content SR 
  port 80 
  protocol TCP 
  vip address 206.25.90.84 
  add service AC 
  URL "/*" 
  active 

The VIP address must be equivalent to the IP address that the Domain Name System (DNS) resolves for www.arrowpoint.com. The service that is defined must be configured as was the service configured for redirects. In order to have a service as the type redirect the content rule must be a Layer five (L5) rule, which means you need to add the URL parameter.

The end result is that the client is sent to www.cisco.com/customers/index.html. The client resolves www.arrowpoint.com, which turns out to be a VIP on the box. When the request matches the VIP, the request is sent to the service named AC. AC redirects the client to www.cisco.com/customers and also appends the URL (index.html) of the original packet.

Example 2: All other servers in the content rule are down

The client enters www.arrowpoint.com, which resolves to 206.25.90.84. The switch configuration is shown here.

!************************** SERVICE ************************** 
service AC 
 IP address 2.2.2.2 
 keepalive type none 
 type redirect 
 domain www.arrowpoint2.com 
 active 

 service regular_server 
 IP address 10.2.3.4 
 active 

 service regular_server2 
 IP address 10.3.4.5 
 active 
!*************************** OWNER *************************** 
owner ARC 
 content SR 
  port 80 
  protocol TCP 
  vip address 206.25.90.84 
  add service AC 
  add service regular_server 
  add service regular_server2 
  URL "/*" 
  active 

The end result is that the client must get the data from either regular_server or regular_server2. However, if both services are down, the traffic is sent to the redirect service. The www.arrowpoint2.com domain can resolve to another VIP on the Cisco box or to a remote location. Some users have the redirect service point to a page that displays a message that the site is temporarily down. You must be aware that anything that is typed in as the URL, as in the first example , is appended to the redirect service. This can become a problem if the user types in www.arrowpoint.com/support/index.html and the redirect service is only configured to have one page, for example, www.arrowpoint2.com/sitedown.html. In this case, the user's session is timed out.

Example 3: Redirect in a Content Rule

The client enters www.arrowpoint.com/default.htm, which resolves to 206.25.90.84. The switch configuration is shown here.

!*************************** OWNER *************************** 
owner ARC 
 content SR 
  port 80 
  protocol TCP 
  vip address 206.25.90.84 
  URL "/*" 
  redirect "//www.cisco.com/internal/index.html" 
  active 

You can also specify that the redirect field be a different page on the same domain (for example, redirect "/support/index.html") so that the client is redirected to the same VIP, but a different page. This requires another content rule to accept the new page, or else the page is caught in a continuous loop to this content rule. The redirect field can also be configured as just an IP address (for example, redirect "//192.168.17.2").

The end result is that the client goes to www.cisco.com/internal/index.html. Any request to this VIP is redirected to the redirect string that is configured in the content rule.

Note: The /default.htm from the original request is not appended to the redirect string.

Related Information

Updated: Jan 31, 2006
Document ID: 25843