Redirection and passing the original URL to backend server in netscaler

Introduction

We have recently got a new use case for the netscaler redirection. The aim was to redirect the request and at the same time passing the original request from netscaler to the backend servers. I searched a lot and could not find very clear instructions and so thought of writing one myself.

So in this step-by-step guide, the end users will be calling http://netscaler-ip/test/index.html and they will be redirected to the backend servers at http://backend-server/dump/index.html. Besides this the backend server would also be passed the original URL which the end user is calling. In our case this is http://netscaler-ip/test/index.html.  Please note that normally the backend servers will not get the url called by end-users but instead the url which is being called by netscaler.

Step-by-step

Assuming the server, services, Virtual Server and Content Switching Virtual server(if required) is already configured. So you are able to call the http://backend-server/test/index.html by calling http://netscaler-ip/test/index.html

So the first step is to configure the redirection policy.

 

Netscaler policies
Netscaler policies

Create a redirection policy as shown below :

redirection policy using netscaler rewrite
redirection policy

Also create the corresponding rewrite action :

rewrite-action

 

Here in the above rewrite action, we wanted to replace “test” with the “dump” in the URL. The last part is to attach this policy to our virtual server. So now whenever the http://netscaler-ip/test/index.html will be called, it will be redirected to http://backend-server/dump/index.html.

However this only achieves 50% of our goal. So if we would check the apache logfiles in the backend server, it will look as follow :

Apache access logfiles

So in the apache logfiles, one can only see the URL which the netscaler is calling but not the original URL which the end user has called.

In order to achieve the rest half of the goal, I created another policy as shown below :

rewrite-insert-header-policy

Important is the corresponding action for this policy and as the name suggest, here we are doing insert header :

rewrite-header-action-policy

 

As you can see in the above snip, the type is INSERT_HTTP_HEADER and¬†HTTP.REQ.HOSTNAME + HTTP.REQ.URL.PATH_AND_QUERY is used to create the original URL. Also do not foget to check the “Bypass safety check” option.

In the end, you have to attach this policy as well to the virtual server. But make suer that the policy inserting header with original request has a lower priority so that it gets executed before the redirection actually happens.

policy bind to vs

Now it is time to test again and you can see that the original URL can be seen in the apache logs.

apache-logfile

One open question is if this goal can be achieved without bypassing safety check in rewrite action for the insert header option.

Any better approach of feedback is welcome.