With Layer 7 virtual servers, you can optionally configure load balancer rules and customize load balancing behavior using match or action rules.
Load Balancer rules support REGEX for match types. PCRE style REGEX patters is supported with a few limitations on advanced use cases. When REGEX is used in match conditions, named capturing groups are supported.
REGEX restrictions include:- Character unions and intersections are not supported. For example, do not use [a-z[0-9]] and [a-z&&[aeiou]] instead use [a-z0-9] and [aeiou] respectively.
- Only 9 back references are supported and \1 through \9 can be used to refer to them.
- Use \0dd format to match octal characters, not the \ddd format.
- Embedded flags are not supported at the top level, they are only supported within groups. For example, do not use "Case (?i:s)ensitive" instead use "Case ((?i:s)ensitive)".
- Preprocessing operations \l, \u, \L, \U are not supported. Where \l - lowercase next char \u - uppercase next char \L - lower case until \E \U - upper case to \E.
- (?(condition)X), (?{code}), (??{Code}) and (?#comment) are not supported.
- Predefined Unicode character class \X is not supported
- Using named character construct for Unicode characters is not supported. For example, do not use \N{name} instead use \u2018.
When REGEX is used in match conditions, named capturing groups are supported. For example, REGEX match pattern /news/(?<year>\d+)-(?<month>\d+)-(?<day>\d+)/(?<article>.*) can be used to match a URI like /news/2018-06-15/news1234.html.
Then variables are set as follows, $year = "2018" $month = "06" $day = "15" $article = "news1234.html". After the variables are set, these variables can be used in load balancer rule actions. For example, URI can be rewritten using the matched variables like, /news.py?year=$year&month=$month&day=$day&article=$article. Then the URI gets rewritten as /news.py?year=2018&month=06&day=15&article=news1234.html.
Rewrite actions can use a combination of named capturing groups and built-in variables. For example, URI can be written as /news.py?year=$year&month=$month&day=$day&article=$article&user_ip=$_remote_addr. Then the example URI gets rewritten as /news.py?year=2018&month=06&day=15&article=news1234.html&user_ip=1.1.1.1.
- $_args - arguments from the request
- $_arg_<name> - argument <name> in the request line
- $_cookie_<name> - value of <name> cookie
- $_upstream_cookie_<name> - cookie with the specified name sent by the upstream server in the "Set-Cookie" response header field
- $_upstream_http_<name> - arbitrary response header field and <name> is the field name converted to lower case with dashes replaced by underscores
- $_host - in the order of precedence - host name from the request line, or host name from the "Host" request header field, or the server name matching a request
- $_http_<name> - arbitrary request header field and <name> is the field name converted to lower case with dashes replaced by underscores
- $_https - "on" if connection operates in SSL mode, or "" otherwise
- $_is_args - "?" if a request line has arguments, or "" otherwise
- $_query_string - same as $_args
- $_remote_addr - client address
- $_remote_port - client port
- $_request_uri - full original request URI (with arguments)
- $_scheme - request scheme, "http" or "https"
- $_server_addr - address of the server which accepted a request
- $_server_name - name of the server which accepted a request
- $_server_port - port of the server which accepted a request
- $_server_protocol - request protocol, usually "HTTP/1.0" or "HTTP/1.1"
- $_ssl_client_cert - returns the client certificate in the PEM format for an established SSL connection, with each line except the first prepended with the tab character
- $_ssl_server_name - returns the server name requested through SNI
- $_uri - URI path in request
- $_ssl_ciphers: returns the client SSL ciphers
- $_ssl_client_i_dn: returns the "issuer DN" string of the client certificate for an established SSL connection according to RFC 2253
- $_ssl_client_s_dn: returns the "subject DN" string of the client certificate for an established SSL connection according to RFC 2253
- $_ssl_protocol: returns the protocol of an established SSL connection
- $_ssl_session_reused: returns "r" if an SSL session was reused, or "." otherwise
Prerequisites
Verify a Layer 7 virtual server is available. See Configure Layer 7 Virtual Servers in Manager Mode.