nlffel439 Posted April 29 Share Posted April 29 Hi folks, I have a problem with the following scenario on a CS vServer: Input: “any.url.host/Path1/Path2” The backend is also called via websocket Protocol (wss://) Call in the backend “192.168.123.5:8080/Path2” I have tried it so far via a URL Transform URL Policy with two actions I don't want to rule out that I have tried too much and have now lost the overview. But maybe someone else has an idea why the call still doesn't work. Action 1 - Prio 30 Converts the respons from the server back into the required URL in the browser: Action 2 - Prio 60 Convers the request from the Browser into the required Path on the Backend: Link to comment Share on other sites More sharing options...
Rick Davis Posted April 29 Share Posted April 29 -reqUrlFrom "http(s?)://any.url.host/Path1/(.*)" -reqUrlInto "http$1://192.168.123.5/$2" -resUrlFrom "http(s?)://192.168.123.5/(.*)" -resUrlInto "http$1://any.url.host/Path1/($2)" you will also need a responder to redirect from any.url.host/ to any.url.host/Path1/ since the application doesn't know about /Path1/ Link to comment Share on other sites More sharing options...
Jeff Riechers Posted April 30 Share Posted April 30 (edited) Does the client NEED to connect directly to backend via IP? Because this will change the URL and Hostname so that the client connects directly. Instead you would setup a non-addressable LB and have the content switch keep the HOSTNAME, but just change the URL portion after the hostname. Then it would drop that to the LB that then goes to the backend server on how it is defined in the LB service. Edited April 30 by Jeff Riechers Link to comment Share on other sites More sharing options...
nlffel439 Posted April 30 Author Share Posted April 30 (edited) First of all, thanks for the answers :) @Rick Davis: Unfortunately the suggestion did not help. Websocket is activatet in the HTTP Profile for this CS vServer @Jeff Riechers: It is the case that the call runs via a non-addressed vServer which is attached to a CS vServer as CS Policy. The service with the backend IP and the port is attached to the non-addressed vServer. Edited April 30 by nlffel439 Link to comment Share on other sites More sharing options...
Rick Davis Posted April 30 Share Posted April 30 CTX235401 states content switching support websockets. Your wss failing may be related to SSL certificate warnings. Please verify that HTTP and HTTPS are both working correctly, first. You can also try ws:// for a clear text websocket test to rule out PKI related problems. After that, try secure (wss) websocket connection. Bind your HTTP profile (with websockets enabled) to the nonaddressable vserver too. Link to comment Share on other sites More sharing options...
nlffel439 Posted May 2 Author Share Posted May 2 I think I can rule out a problem with the WebSocket configuration, I have checked it again and another service on the same CS vServer is also running without problems with WSS. There must be something wrong with the URL rewrite policy. Link to comment Share on other sites More sharing options...
Solution Rick Davis Posted May 3 Solution Share Posted May 3 Will this working example get you on track? Client: 192.168.200.1 Server: 192.168.200.2:8080 (ws: /Path2) cs_VIP: 192.168.200.231:80 In this content switching example, requests for /Path1/.. are sent to a designated non-addressable vserver called ws_vserver. The client connects to the Content Switching VIP on port 80 URL Translation removes /Path1 from the URI and NetScaler forwards the request to the server on port 8080 The Server sees the established websocket connection and test echo messages are working. # Add the URL-Transform add transform profile ws_URL-T add transform action ws_url_transform ws_URL-T 1 set transform action ws_url_transform -priority 1 -reqUrlFrom "/Path1/(.*)" -reqUrlInto "/$1" add transform policy ws_url-t TRUE ws_URL-T # Setup the non-addressable vserver (and transform the URL) add service ws_service 192.168.200.2 HTTP 8080 add lb vserver ws_vserver HTTP 0.0.0.0 0 -persistenceType NONE -httpProfileName nshttp_ws_profile bind lb vserver ws_vserver ws_service bind lb vserver ws_vserver -policyName ws_url-t -priority 100 -gotoPriorityExpression END -type REQUEST # Setup the Content Switch (and look for /Path1/..) add ns httpProfile nshttp_ws_profile -webSocket ENABLED add cs vserver ws_cs HTTP 192.168.200.231 80 -httpProfileName nshttp_ws_profile -persistenceType NONE add cs action ws_path1 -targetLBVserver ws_vserver add cs policy ws_path1_path2 -rule q{HTTP.REQ.URL.PATH.GET(1).SET_TEXT_MODE(IGNORECASE).EQ("Path1")} -action ws_path1 bind cs vserver ws_cs -policyName ws_path1_path2 -priority 100 URL-T is meant to handle several transform actions. The one I used here is the minimum for the websocket connection. Adding the one I listed previously might be needed to address any links the server is issuing. It also might need to be tweaked further for your specific needs. 1 Link to comment Share on other sites More sharing options...
nlffel439 Posted May 3 Author Share Posted May 3 WOW Thank you Rick for this detailed test. The problem was solved with the help of your configuration example. Many thanks for the support Link to comment Share on other sites More sharing options...
nlffel439 Posted May 3 Author Share Posted May 3 I think I also got really lost in the tests I had done over the last few days. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now