Advanced Forwarding

When you use ELB to distribute Layer 7 requests, you may need different forwarding policies to route different client requests. In this case, you can configure advanced forwarding policies to route requests to the right server based on the characteristics of client requests.

Overview

You can configure advanced forwarding policies to forward requests to different backend server groups based on a wide range of forwarding rules and actions.

The following describes how an advanced forwarding policy works:

A client sends a request to a load balancer.
The load balancer matches the request based on the forwarding policies you configure. If multiple matches are found, the load balancer routes the request based on the forwarding policy priorities.
The load balancer routes the request to the backend server using the forwarding policy with the highest priority.
The load balancer sends a response to the client.

Figure 1 How advanced forwarding works

**Table 1** Rules and actions supported by an advanced forwarding policy
Forwarding Policy	Description
Forwarding rule	The following forwarding rules are supported: domain name, path, HTTP request method, HTTP header, query string, and CIDR block. For details, see Forwarding Rule.

How Requests Are Matched

Matching rules: Each client request is matched against forwarding policies. Once a match is found, the request is forwarded based on this forwarding policy. If multiple matches are found, the request is forwarded based on the forwarding policy priorities. A smaller forwarding policy number indicates a higher priority and is matched first.
- If multiple conditions are configured for a forwarding policy, the request can match this forwarding policy only when all the conditions are met.
- If the request is matched with any forwarding policy of the listener, it is forwarded based on this forwarding policy.
- If the request is not matched with any forwarding policy, it is forwarded based on the default forwarding policy.
Forwarding policy priority: determines the order in which a client request matches against forwarding policies. If a client request matches multiple forwarding policies, the forwarding policy with the smallest number has the highest priority and is matched first.
Default forwarding policy: After you add a Layer 7 listener to a load balancer, a default forwarding policy is generated. The load balancer then uses this policy to forward requests to the backend server group you specified when adding the listener.
- If a client request does not match any forwarding policy, it is forwarded according to the default forwarding policy.
- The default forwarding policy has the lowest priority, which cannot be sorted. You can modify the default backend server group, but cannot delete the default forwarding policy.

Forwarding Rule

Advanced forwarding policies support the following types of forwarding rules: domain name, path, HTTP request method, HTTP header, query string, and CIDR block.

**Table 2** Forwarding rules
Forwarding Rule	Description
Domain name	Example Request URL: https://www.example.com/login.php?locale=en-us=#videos Domain name in the forwarding rule: www.example.com
Path	Description Route requests based on paths. You can configure multiple paths in a forwarding policy. Each path contains 1 to 128 characters, including letters, digits, and special characters: _~';@^-%#$.+?,=!:\|\/()[]{}. Matching rules Exact match: The request path is the same as the specified path and must start with a slash (/). Prefix match: The request path starts with the specified path string and must start with a slash (/). Regular expression match: The request path is matched against the specified path using a regular expression. For more information about path matching rules, see Path Matching. Example path: Request URL: https://www.example.com/login.php?locale=en-us#videos Path in the forwarding rule: /login.php*
Query string	Route requests based on the query string. A query string consists of a key and one or more values. You need to set the key and values separately. The key can contain only letters, digits, and special characters: !$'()+,./:;=?@^-_' Multiple values can be configured for a key. The value can contain letters, digits, and special characters: !$'()+,./:;=?@^-_'. Asterisks () and question marks (?) can be used as wildcard characters. Example Request URL: https://www.example.com/login.php?locale=en-us*#videos A query string needs to be configured for the forwarding rule: Key: locale Value: en-us
HTTP request method	Route requests based on the HTTP method. You can configure multiple request methods in a forwarding policy. The following methods are available: GET, POST, PUT, DELETE, PATCH, HEAD, and OPTIONS. Example GET
HTTP header	Route requests based on the HTTP header. An HTTP header consists of a key and one or more values. You need to configure the key and values separately. The key can contain only letters, digits, underscores (_), and hyphens (-). NOTE: The first letter of HTTP request headers User-agent and Connection must be capitalized. Multiple values can be configured for a key. The value can contain letters, digits, and special characters: !#$%&'()+,.\/:;<=>?@[]^-_'{\|}~. Asterisks () and question marks (?) can be used as wildcard characters. Example Key: Accept-Language Value: en-us
CIDR block	Route requests based on the source IP addresses from where requests originate. Example 192.168.1.0/24 or 2020:50::44/127

Action Types

Advanced forwarding policies support the following actions: forward to a backend server group, redirect to another listener, redirect to another URL, and return a specific response body.

If you set Action to Forward to backend server group or Return a specific response body, you can add additional actions. ELB first matches traffic based on additional actions and then forwards requests to the specified backend server group or returns a specific response body. Among all the additional actions, Limit request has the highest priority.

**Table 3** Actions of an advanced forwarding policy
Action	Description
Forward to a backend server group	Requests are forwarded to the specified backend server group.
Redirect to another listener	Requests are redirected to another listener, which then routes the requests to its associated backend server group. NOTE: For example, if you configure a redirect for an HTTP listener, HTTP requests to access a web page will be redirected to the HTTPS listener you select and handled by the backend servers associated with the HTTPS listener. As a result, the clients access the web page over HTTPS.
Redirect to another URL	Requests are redirected to the configured URL. When clients access website A, the load balancer returns 302 or any other 3xx status code and automatically redirects the clients to website B. You can customize the redirection URL that will be returned to the clients. Configure at least one of the following components: Protocol: ${protocol}, HTTP, or HTTPS ${protocol}: retains the protocol of the request. Domain Name: A domain name consists of at least two labels separated by periods (.). Each label can contain only letters, digits, hyphens (-), and periods (.), must start with a letter or digit and cannot end with a hyphen (-). ${host}: retains the domain name of the request. Port: ranges from 1 to 65535. ${port}: retains the port number of the request. Path: A path can contain letters, digits, and special characters: _~';@^-%#&$.+?,=!:\|\/()[]{} and must start with a slash (/). ${path}: retains the path of the request. NOTE: If you select regular expression match, the request path will be overwritten by the variables that match the regular expressions. For details, see Path Matching Based on Regular Expressions. Query String: A query string can contain only letters, digits, and special characters: !$'()+,./:;=?@&^-_',&. Ampersands (&) can only be used as separators. HTTP Status Code: 301, 302, 303, 307, or 308 Example URL for redirection: http://www.example1.com/index.html?locale=en-us#videos Protocol: HTTP Domain name: www.example1.com Port: 8081 Path: /index.html Query String: locale=en-us HTTP Status Code: 301
Return a specific response body	Load balancers return a fixed response to the clients. You can custom the status code and response body that load balancers directly return to the clients without the need to route the requests to backend servers. Configure the following components: HTTP Status Code: By default, 2xx, 4xx, and 5xx status codes are supported. Content-Type: text/plain, text/css, text/html, application/javascript, or application/json Message Body: This parameter is optional. The value can contain 0 to 1,024 characters. Example text/plain Sorry, the language is not supported. text/css <head><style type="text/css">div {background-color:red}#div {font-size:15px;color:red}</style></head> text/html <form action="/" method="post" enctype="multipart/form-data"><input type="text" name="description" value="some text"><input type="file" name="myFile"><button type="submit">Submit</button></form> application/javascript String.prototype.trim = function() {var reExtraSpace = /^\s(.?)\s+$/;return this.replace(reExtraSpace, "$1")} application/json { "publicip": { "type": "5_bgp","ip_version": 4},"bandwidth": {"name": "bandwidth123","size": 10,"share_type": "PER"}} NOTE: Ensure that the response body does not contain carriage return characters. Otherwise, it cannot be saved.

Path Matching

Table 4 shows how the five paths configured in the forwarding policies match those in the requests.

**Table 4** Path matching examples
Request Path	Forwarding Policy	Specified Path	Matching Mode	Forwarding Policy Priority	Destination Backend Server Group
/elb/abc.html	Forwarding policy 01	/elb/abc.html	Prefix match	1	Backend server group 01
/elb/abc.html	Forwarding policy 02	/elb	Prefix match	2	Backend server group 02
/exa/index.html	Forwarding policy 03	/exa[^\s]*	Regular expression match	3	Backend server group 03
/exa/index.html	Forwarding policy 04	/exa/index.html	Regular expression match	4	Backend server group 04
/mpl/index.html	Forwarding policy 05	/mpl/index.html	Exact match	5	Backend server group 05

URLs are matched as follows:

When the request path is /elb/abc.html, it matches both forwarding policy 01 and forwarding policy 02. However, the priority of forwarding policy 01 is higher than that of forwarding policy 02. Forwarding policy 01 is used, and requests are forwarded to backend server group 01.
When the request path is /exa/index.html, it matches both forwarding policy 03 and forwarding policy 04. However, the priority of forwarding policy 03 is higher than that of forwarding policy 04. Forwarding policy 03 is used, and requests are forwarded to backend server group 03.
If the request path is /mpl/index.html, it matches forwarding policy 05 exactly, and requests are forwarded to backend server group 05.

Path Matching Based on Regular Expressions

A path can contain letters, digits, and special characters: _~';@^-%#&$.*+?,=!:|\/()[]{} and must start with a slash (/). ${path} retains the path of the request.

If you select regular expression match, the request path will be overwritten by the variables that match the regular expressions.

How Request Paths Are Overwritten

Path matching: The client sends a request, and the request matches a regular expression in the forwarding rule. You can specify one or more regular expressions as the match conditions and set multiple capture groups represented by parentheses ( ) for one regular expression.
Extraction and replacement: extracts the content from the capture groups.
Destination path: writes them to $1, $2, all the way to $9 configured for the path.

Example

When a client requests to access /test/ELB/elb/index, which matches the regular expression /test/(.*)/(.*)/index, $1 will be replaced by ELB and $2 by elb, and then the request will be redirected to /ELB/elb.

**Table 5** URL matching based on regular expressions
Matching Step		Description
Forwarding rule: path	Regular expression match	Matching condition: /test/(.)/(.)/index Request path: /test/ELB/elb/index
Action: rewrite or redirect to another URL	Path	Path: /$1/$2 Extracting content $1: ELB $2: elb Destination path: /ELB/elb