Implementing URL Redirection using NetScaler Responder Feature

Requirement:

You are migrating a web solution from old setup/server to a new setup/server, you will be publishing a new URL to access the solution from the new setup/server.  You want to automatically redirect any attempts to access through the old URL to the new URL.  You want users to see the OLD URL in the browser changed over to the NEW URL.

Its also, often a requirement in case of company merges where the purchased company want all access attempts to bought company web site to be redirected to the new company URL. 

Its also a requirement in case of Service Providers who would like to contact their customer Federation Services for getting the Authentication done from the customer side. This is often developed using Service Provider Initiated Single Sign On involving SAML protocol to authenticate with Active Directory Federation Services (ADFS) on the customer DMZ zone.

You also require URL redirection in case of a Permanent service unavailability where you want user access to your service pages to reach another page where they have service available.

Solution:

You can achieve this requirement by enabling and implementing the Responder feature of the NetScaler.  The Responder does a HTTP redirect resulting in HTTP status code 302 Found (also appears as 302 Moved Temporarily) in trace during the redirection.

Implementation:

Enabling Responder feature in the NetScaler

Login to NetScaler as an admin user, navigate to Configuration page > System > Settings > Click on “Configure Advanced Features” under “Modes and Features”.  In the resulting page tick the Responder option in Configure Advanced Features as shown below:

image

Considerations by Example

Once you have the Responder feature enabled, you need to create Virtual Server, Service and Server objects, Responder Policies and Actions, and Bind them to the Virtual Server. 

To illustrate these actions, let consider below example requirement to be achieved with Responder policies:

  1. Say your old web service was running on URL: http://www.mycorpsite.com/UKService/ 
  2. The new URL of upgrade/migrated service is: http://www.UKService.mycorpsite.com/ 
  3. You want all access to http://www.mycorpsite.com/UKService/  => (to reach) http://www.UKService.mycorpsite.com/
  4. The New and OLD services are running on different web servers. Say,
    1. OLD system (www.mycorpsite.com) is running on 192.168.1.131 web server whereas
    2. NEW system (www.UKService.mycorpsite.com) is running on 192.168.1.141 web server
  5. You do NOT want to change flow of traffic to http://www.mycorpsite.com/ site, you just need to redirect the traffic coming to the folder path http://www.mycorpsite.com/UKService/ only.
  6.      

Lets get started with NetScaler and Responder Policies, Actions and their binding to achieve this.

Building NetScaler objects.

  1. Create Server Objects by navigating to Configuration page > Traffic Management > Load Balancing > Servers > Click Add button specify a server name and respective IP Address as shown below
    1. www.mycorpsite.com-SERVER => 192.168.1.131
    2. www.UKService.mycorpsite.com-SERVER => 192.168.1.141
    3. Sample Screenshot of www.mycorpsite.com-SERVER server object: image
  2. Create Service Objects, by navigating to Configuration page > Traffic Management > Load Balancing > Services > Click Add button specify a service name and choose respective Server, Protocol, IP-AddressPort as shown below
    1. Create www.mycorpsite.com service object:
      1. Specify service name as www.mycorpsite.com-SRV
      2. Select Existing Server option and choose www.mycorpsite.com-SERVER (192.168.1.131) from drop down list.
      3. Select HTTP as the Protocol from the drop down list
      4. Specify the Port to be 80 (which is the default).
      5. Click OK, in the resulting page Update the Monitor to be used
        1. Under Monitors section click on “Service Load Balancing Monitor Binding” as shown belowimage
        2. In the resulting wizard, click on “Add Binding” > Click on the drop down list under Select Monitor section > Select http, from the list as shown below image
        3. Leave the Weight to default value “1” and Click on Bind button as shown belowimage
        4. Then click on Close, where you’ll see the Last Response as “Success – HTTP response code 200 received.” as shown belowimage
        5.  
    2. Create www.UKService.mycorpsite.com service object:
      1. Specify service name as www.UKService.mycorpsite.com-SRV
      2. Select Existing Server option and choose www.UKService.mycorpsite.com-SERVER (192.168.1.141) from drop down list.
      3. Select HTTP as the Protocol from the drop down list
      4. Specify the Port to be 80 (which is the default).
      5. Repeat the steps shown for www.mycorpsite.com service object to update the Monitor to HTTP
    3. Sample screenshot of www.mycorpsite.com-SRV service object: image
  3. Update the Monitor to HTTP, as detailed under the service creation step above to ensure our service is monitored using the HTTP monitor since our service is running on HTTP protocol.
  4. Create Virtual Server, by navigating to Configuration page > Traffic Management > Load Balancing > Virtual Servers > Click Add button specify a virtual server name and choose respective Protocol, IP-Address Type, IP-Address, Port as shown below
    1. Create www.mycorpsite.com Virtual Server object:
      1. Specify Name as www.mycorpsite.com-VIRTUALserver
      2. Select HTTP as the Protocol from the drop down list
      3. Select IP Address as the “IP Address Type” from the drop down list
      4. Specify the IP Address as 172.24.5.247 (I used this separate network IP as it will be accessible from my test network)
      5. Specify the Port to be 80 (which is the default).
    2. Sample screenshot of www.mycorpsite.com-VIRTUALserver virtual service objectimage
    3. Bind the Service to the Virtual Server:
      1. In the resulting page, Click on “Load Balancing Virtual Server Service Binding” as shown below
      2. image
      3. In the resulting wizard, select www.mycorpsite.com-SRV and leave the Weight to “1” and click on Bind as shown belowimage
      4. In few seconds, you’ll see your newly created www.mycorpsite.com-VIRTUALserver showing up its status as UP as shown belowimage

With this we have created all the pre-requisite NetScaler Servers, Services, Monitors and Virtual Server objects and their respective bindings. We now need to create the NetScaler Responder Actions, Policies and its Binding to the Virtual Servers.

Building NetScaler Responder Policies. 

Create Action and Policy Objects by navigating to Configuration page > AppExpert > Responder and its sub-sections.

  1. Create Action:  Under AppExpert > Responder > Actions > Click Add button specify a name, Action Type and Expression as shown below
    1. Specify the Name as: Redirect_Action_UKService_Folder
    2. Specify the Type as: Redirect
    3. Specify the Expression as: “http://www.UKService.mycorpsite.com/”  (this is the target page to which Responder will redirect the requests to)
    4. Click Create.
    5. Screenshot of Redirect_Action_UKService_Folder Action is: image
  2. Create Policy:  Under AppExpert > Responder > Policies> Click Add button specify a name, Action Type and Expression as shown below
    1. Specify the Name as:  Redirect_Policy_URL_www.UKService.mycorpsite.com
    2. Choose the Action as: Redirect_Action_UKService_Folder from the drop down list
    3. Leave Log Action as blank
    4. Leave AppFlow Action as blank
    5. Leave Undefined-Result Action* to default value, that is –Global undefined-result action-
    6. Specify the Expression as:
      1. HTTP.REQ.URL.SET_TEXT_MODE(IGNORECASE).ENDSWITH(“UKService”) || HTTP.REQ.URL.SET_TEXT_MODE(IGNORECASE).ENDSWITH(“UKService/”)
    7. Click Create.
    8. Screenshot of Redirect_Policy_URL_www.UKService.mycorpsite.com Action is:   image 

 

Bind NetScaler Responder Policies to the Virtual Server. 

  1. Navigate to Configuration page > Traffic Management > Load Balancing > Virtual Servers > Select “www.mycorpsite.com-VIRTUALserver” > Click Edit button
  2. Click on Policies > To add, Click on + button icon > in the Choose Type > Choose Policy > Select Responder from the drop down list, Select Request for “Choose Type” > click on Continue as shown belowimage
  3. Under the Policy Binding section, Select Redirect_Policy_URL_www.UKService.mycorpsite.com policy from the drop down list, leave the Priority, Goto Expression, Invoke LabelType to their default values as shown below: image
  4. Click on Bind.

Verify the Configuration:

Now when you navigate to http://www.mycorpsite.com/UKService/ page from client Browser window, it will automatically redirects to http://www.UKService.mycorpsite.com/ page. If you enable tracing you’ll notice there HTTP 302 Moved Temporarily status and also the URL in the browser changed to the new URL as shown below:

image

If you take a close look at the Headers of Request and Response, you’ll see Request is sent to www.mycorpsite.com whereas Response has come from http://www.UKService.mycorpsite.com/ as shown below.

image

 

Resources:

  1. List of HTTP status codes