Bug ID 560405: Optional target IP address and port in the 'virtual' iRule API is not supported.

Last Modified: Mar 21, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
10.2.4, 11.2.1, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 12.0.0, 12.0.0 HF1, 12.0.0 HF2

Fixed In:
12.0.0 HF3, 11.5.4 HF2

Opened: Dec 01, 2015
Severity: 3-Major

Symptoms

In certain scenarios there is a need to redirect an HTTP request through a given virtual server to a another virtual server (or remote endpoint). Such an operation is also known as 'vip-to-vip' forwarding. The available iRule API (specifically, the 'virtual' command) does not currently support this functionality.

Impact

Cannot implement HTTP Forward Proxy plus Transparent redirection to Web-Cache Pool.

Conditions

Using an iRule to forward a request through a given virtual server to another virtual server or remote endpoint.

Workaround

None.

Fix Information

None

Behavior Change

The 'virtual' iRule API has been changed to support a secondary target IP address and port to redirect the connection to, from a given virtual server. The new signature of the 'virtual' iRule API is: virtual [<name>] [<ipaddr> [<port>]] where: -- <name> = the name of the virtual server to redirect the connection from. -- <ipaddr> = the target IP address of the remote endpoint to route the connection to, through the specified virtual server; <ipaddr> can also have a route-domain (%). -- <port> = the port of the remote endpoint to route the connection to, through the specified virtual server.