Document ID: 41840 | PDF Downloads
|
FeedbackIntroduction
This document describes what happens when a client connects to a Virtual IP (VIP) and the switch is configured to send a redirect back to the client. There are two different types of redirects on the Content Services Switch (CSS), a content rule redirect and a service redirect. These two types of redirects are different in the way that they append information to the domain name, as well as when they are applied to the traffic that hits the associated VIP.
Prerequisites
Requirements
There are no specific requirements for this document.
Components Used
This document is not restricted to specific software and hardware versions.
Conventions
Refer to the Cisco Technical Tips Conventions for more information on document conventions.
Configure
In this section, you are presented with the information to configure the features described in this document.
Note: Use the Command Lookup Tool (registered customers only) to obtain more information on the commands used in this section.
Configurations
This document uses these configurations:
| Use a redirect in the content rule as the default action |
|---|
!*************************** OWNER ***************************
owner CSS-Team
content default-redirect
port 80
protocol tcp
vip address 192.168.1.20
url "/*"
redirect "//www.cisco.com/tac/"
active
|
Note: You can also specify the redirect field to be a different page on the same domain (for example, redirect "/support/index.html") so that the client is redirected to the same VIP but to a different page. This requires another content rule to accept the new page or else it becomes caught in a continuous loop to this content rule. The redirect field can also be configured as an IP address (for example, redirect "//192.168.1.21/").
The client goes to www.cisco.com/tac/ because any request to this VIP is redirected to the redirect string that is configured in the content rule. Notice that the /default.htm from the original request is not appended to the redirect string.
This example makes use of the redirect command in the content rule. Refer to the Command Reference for more information.
| Use a service in the content rule as the default action |
|---|
!************************** SERVICE **************************
service default-service
ip address 2.2.2.2
keepalive type none
type redirect
redirect-string "www.cisco.com/tac/"
active
!*************************** OWNER ***************************
owner CSS-Team
content default-redirect
vip address 206.25.90.84
protocol tcp
port 80
url "/*"
add service default-service
active
|
This configuration has the same result as using a redirect in the content rule as the default action. The client goes to www.cisco.com/tac/ because any request to this VIP is redirected to the redirect string that is configured in the service. Notice that the /default.htm from the original request is still not appended to the redirect string.
This example makes use of the type and redirect-string commands in the service. Refer to the Command Reference for more information.
The type is used to change the service from the default type of local to type redirect. The redirect-string command is the actual location that the client is redirected to. The client is redirected to the exact string quoted in the service and completely replaces the URL from the initial request.
| Use a service in the content rule as the backup action |
|---|
!************************** SERVICE **************************
service backup
ip address 2.2.2.2
keepalive type none
type redirect
redirect-string "www.cisco.com/tac/"
active
service regular-server1
ip address 10.2.3.4
active
service regular-server2
ip address 10.2.3.5
active
!*************************** OWNER ***************************
owner CSS-Team
content default-redirect
vip address 206.25.90.84
protocol tcp
port 80
url "/*"
add service regular-server1
add service regular-server2
add service backup
active
|
In this example, there are three services in the content rule. Two of the services (regular-server1 and regular-server2) are the default type of local. The third service (backup) is type redirect. The CSS behavior is to send all connections to local services if possible. This means that while any local service in a content rule is functional, the CSS does not send any traffic to the redirect service. Only in the event of all local services going down does the CSS ever use the redirect service.
No new commands are introduced in this example, only additional configuration techniques.
| Use a service in the content rule to redirect from HTTP to HTTPS |
|---|
!************************** SERVICE **************************
service secure-transfer
ip address 2.2.2.2
keepalive type none
type redirect
no prepend-http
domain https://www.cisco.com
active
service regular-server1
ip address 10.2.3.4
active
service regular-server2
ip address 10.2.3.5
active
!*************************** OWNER ***************************
owner CSS-Team
content default-redirect
vip address 206.25.90.84
protocol tcp
port 80
url "/*"
add service secure-transfer
active
content ssl-rule
vip address 206.25.90.84
protocol tcp
port 443
add service regular-server1
add service regular-server2
active
|
This example demonstrates a site that is required to operate over HTTPS exclusively. If a user comes into the site using HTTP, the CSS sends the user an HTTP redirect to come back in via HTTPS.
This example makes use of the domain and no prepend-http commands in the service.
The domain command replaces the domain portion of the original request with the domain specified in the service. It retains any URL (path and filename) information. This is useful when you need to redirect any request to a specific site, and need to preserve the requested filename.
By default, the CSS prepends http:// before any redirect it sends from a service. If you need to have the CSS prepend HTTPS://, then it needs to be entered on the domain line. When this is done, it is also necessary to turn on the default prepending string by issuing the no prepend-http command.
Verify
There is currently no verification procedure available for this configuration.
Troubleshoot
There is currently no specific troubleshooting information available for this configuration.
Related Information
- Cisco Content Services Switch
- CSS 11000 Series Content Services Switches
- Technical Support & Documentation - Cisco Systems
| Updated: Mar 03, 2006 | Document ID: 41840 |