Forum Discussion

boneyard's avatar
Feb 20, 2012

redirect not being send

i have an iRule that among some other things checks if an incoming https session is authenticated (it should have a cookie signalling this) and if not sends a redirect to a login page.

 

 

this works fine 99.9% of the time, but in some rare cases it fails, the redirect is not send and only a RST,ACK can be seen in the packet capture. during a working session a FIN,ACK can be seen before the RST,ACK

 

 

it has been impossible to find a common cause, it seems to happen randomly, load doesnt appear to have a direct effect. as said, it works most of the time, but sometimes not.

 

 

as a final twist ASM is enabled on the virtual server the clients connect to. it is just logging, not blocking or anything. if it is turned off via the GUI all redirects seem to reach the client fine.

 

 

part of the code:

 

 

...

 

 

when HTTP_REQUEST {

 

 

...

 

 

else {

 

 

found no cookie

 

 

SSL::respond "HTTP/1.0 302 Found\r\nLocation: /login.php?id=$id\r\nSession: close\r\n\r\n"

 

 

TCP::close

 

 

return

 

 

never get here

 

}

 

 

}

 

2 Replies

  • I think you'll need to open a support case to get help diagnosing this issue.

     

     

    Out of curiosity, does it occur if you change SSL::respond to HTTP::respond 302 Location "/login.php?id=$id" Session Close?

     

     

    Aaron
  • HTTP::respond does the trick, apparently weird things happen with SSL::respond triggering parts of the F5 that I wouldn't expect.

     

     

    Would be nice to read some more about the use of SSL:respond. what is the difference from TCP::respond, that it does use SSL where TCP:respond doesnt? HTTP::respond clearly does follow SSL when used within a SSL virtual server.