Would it be possible to have NetScaler forward a request to different tcp/ip ports based on part of the path in the url?

The customer/browser doesn't notice his request is handled by which backend server process. So a ordinary "302" redirect won't do it.

e.g.

https://www.example.com/envone/servlet -> example:3030/envone/servlet

https://www.example.com/envtwo/servlet -> example:4040/envtwo/servlet

Server "example" runs two tomcat processes. One is running on port "3030", the other is running on port "4040". The hostname "www.example.com" should be used in both cases. The clients don't know the request is handled by processes running on different ports.

I can solve this by installing IIS on server "example" and using a redirect isapi filter, but I prefer using NetScaler if possible.

Is this possible with NetScaler?
If so, could you please direct me in the right direction?

I've looked into url redirection and content switching, but those seem to use "302" redirection, which I believe wouldn't suit my need. Perhaps url rewriting is a solution, but I do not have any experience with url rewriting.

maybe you can use a mix between content switching and LB vserver url redirect :) it should work

> content switching and LB vserver url redirect

I've used the string to search in Google. Unfortunately it didn't came up with an answer I understand.

http://www.onjava.com/pub/a/onjava/2001/09/26/load.html?page=2
Seems to describe a scenario like mine. Instead I will not be loadbalancing, but have a different service handle the request. The article does give me the impression it should be possible with NS.

I've found two other articles, but these are to techie for me to decide if they're an answer to my problem.
http://hqextsrvsft01.citrix.com/article/CTX110749
http://hqextsrvsft01.citrix.com/article/CTX110501

It still seems to me "url redirect" will send a 302 redirection or location change to the users browser, where it says something like "sorry, I've moved to port xxx. Do a new request on that port".
I'm looking for a solution where NS replies "Sure, I'll handle your request." But silently has service xxx handle it. The only one who knows which service handled the request is NS.

Could you please confirm if the two Citrix articles are indeed useful in my situation?

using content switching vserver associated with LB vservers with only one service (on different port) bound to each should do exactly what you are looking for :)

As Surya mentioned, create two vservices: one for each port. Create an LB vserver for each vservice. Finally, create a CS vserver with two policies that describe your URL requirements and target them to each LB vserver. You're all set.

Good luck!
www.netscalerkb.com

It's been a while. Today I finally had the oppertunity to try your suggestions. I think I'm close thanks to you both, but unfortunately I'm not there yet. It seems a minor hop to make though.

I see only green bulbs in the NetScaler gui and in the local subnet my setup even seems to work. Unfortunately when I try to reach the server from outside the firewall it doesn't work. As far as I know NAT is setup right.

Could you please take a look at my setup as I describe below? For example I wonder if packets delivered from outside the firewall to the server know their way back through LBvser, CSvser and FW?

Based on your suggestions I came to the following, which seems to work fine when I try it from a machine in the same subnet.

I did the following:
1. Add the target server to "load balancing -> servers";
2. Create two loadbalancing services, which point to ports 3030 and 4040 on the server created in step 1. These ports are the real ports used by the application on the target server;
3. Create two loadbalancing virtualservers, which point each to their own service created in step 2. In both I removed the tick at "directly addressable" so I could not enter a ip and port;
4. Create two contentswitching policies each watching their own URL;
5. Finally create one contentswitching virtualserver which connects each LBvser (step 3) to their corresponding CS policy (step 4). In this step I was not sure what ipaddress and port to use. I used an ipaddress (192.168.1.199) and port (80) which were currently not used.

The firewall is setup to direct all trafic from the outside port 80 to the ip:port used in step 5.

This works great (the hits counter in policies shows this as well) from a local machine within the same subnet, but from outside (the internet) it seems the machine does not exist.

So far so good. I really would appreciate some feedback if something else should be configured in NetScaler, because we cannot think of something else we have to set in the firewall.

did you set up the Ip routing correctly in the netscaler ?

If it works with an internal machine, everything is fine with your config

Did you define a NAT on the firewall for 192.168.1.199? This is a non-routable address and therefor without a public NAT would not be reachable from the internet.

Ok. Thanks to you all!

It was a routing thing indeed. There still are some issues, but for now I'm satisfied with a working proof of concept.

If I need any further assistence I'll open a new post.

Thank you again very much!