Forum Discussion
Matt_S_125449
Nimbostratus
Nimbostratushost headers
I am very new to the F5 world, which is why I'm in this forum :)
We have two of the 2000s models in HA. We use them for load balancing our 24 firewalls. What we would like to do is also use this to route to web sites based on the host name. We have some web virtual servers that we will be spinning up each time we add a new client. Since this could grow to 100 servers we don't want to use a public IP for each. Is there a way to set up the BigIP to route these based on the hostnames of the websites?
Thanks
2 Replies
- Kevin_Stewart
Employee
Sure thing. You'll still probably want to create individual pools for each application so that you can actively load balance and monitor those services, but the iRule would be pretty straight forward:when HTTP_REQUEST { if { [class match [string tolower [HTTP::host]] equals my_host_datagroup] } { pool [class match -value [string tolower [HTTP::host]] equals my_host_datagroup] } }
Normally you might use a simple if/else or switch condition to route to different pools based on the host:
switch [string tolower [HTTP::host]] {
"fooweb.alpha.com" { pool foo-pool }
"barweb.alpha.com" { pool bar-pool }
default { pool default-pool }
}
But considering that you'll eventually be doing this for 100s of servers, that iRule will start to get ugly. So the above example uses a data group instead. A data group is simply a text-based key-value table (dictionary I suppose) that you can either define directly in the config or in a separate text file on the system. Which you choose depends on your use case and perhaps the amount of data that you'll want to store. For this example though, let's build an internal data group. In the BIG-IP management UI, go to Local Traffic, iRules, and then select the Data Group List tab. Create a new data group (ex. "my_host_datagroup") of type string, and enter a bunch of key-value pairs for the host and pool.
ex.
fooweb.alpha.com := foo-pool
barweb.alpha.com := bar-pool
Then Create you iRule, attach it to the virtual server, and test. As you add new services, you'll only need to create a pool and a data group entry (both of which can be automated).
Finally, and I won't get into the details here, if you need to process SSL traffic, v11+ allows you to handle Server Name Indicator (SNI), a TLS extension that specifies the server name in the client's SSL HELLO message. With this you can apply multiple client SSL profiles to a single virtual server and the BIG-IP will switch between the profiles based on the client request. 
Matt_S_125449Thanks, we might be a couple months away from implementing this, so I'll probably back then for more help :)
