Forum Discussion

jquinones82_469's avatar
jquinones82_469
Icon for Nimbostratus rankNimbostratus
May 06, 2011

INOTES SSL OFF LOAD WHILE MASKING HOSTNAME OR URL PRESENTED NAME

Hello,

 

 

this is my scenario

 

 

I have a url i want to setup

 

 

nymail.mydomain.com which is a vip for INOTES while hosting SSL

 

 

Then I have 4 servers.

 

 

server1:80

 

server2:80

 

server3:80

 

server4:80

 

 

They each have their own vip.

 

 

 

server1.mydomain.com:443

 

server2.mydomain.com:443

 

server3.mydomain.com:433

 

server4.mydomain.com:433

 

 

So a user will go to nymail.mydomain.com then Inotes will redirect them to a server

 

 

During the process, the original URL changes to the server FQDN

 

 

I would like to preserve the original URL because during the process INOTES will use the webmailredirect.nsf to redirect users to their servers.

 

 

 

 

 

 

 

  • Can you configure iNotes to use an external hostname even though there might be a different name or names used internally?

     

     

    If not, you could probably use a STREAM::expression based iRule to do this. Which LTM version are you running?

     

     

    Aaron
  • Running 10.2

     

     

    They names used internally match externally. I would like it to keep the initial Hostname in the Browser URL.

     

     

     

     

  • So you basically want to rewrite server[0-9].mydomain.com to nymail.mydomain.com in the response headers and payloads?

    Can you try this rule? You'll need to add the default, blank stream profile and a custom HTTP profile with response chunking set to rechunk for this to work.

    http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/50/aft/1178837/showtab/groupforums/Default.aspx
    
     Example which replaces server[0-9].mydomain.com with the originally requested host in response headers and content
    
     Prevents server compression in responses
    when HTTP_REQUEST {
    
        Save the requested hostname for rewriting redirects
       set host [HTTP::host]
    
        Disable the stream filter for all requests
       STREAM::disable
    
        LTM does not uncompress response content, so if the server has compression enabled
        and it cannot be disabled on the server, we can prevent the server from 
        sending a compressed response by removing the compression offerings from the client
       HTTP::header remove "Accept-Encoding"
    }
    when HTTP_RESPONSE {
    
        Check if server response is a redirect and contains the string pattern we want to replace 
       if { [HTTP::is_redirect] and [string match -nocase {http*://server[0-9].mydomain.com} [HTTP::header Location]]} {
    
           Rewrite the host in redirects to the originally requested host from HTTP_REQUEST
          HTTP::header replace location [string map -nocase "[URI::host [HTTP::header Location]] $host" [HTTP::header Location]]
       }
    
        Check if response type is text
       if {[HTTP::header value Content-Type] contains "text"}{
    
           Use a regex to replace server[0-9]\.mydomain\.com with the originally requested host
          STREAM::expression "@server\[0-9\]\.mydomain\.com@$host@"
    
           Enable the stream filter for this response only
          STREAM::enable
       }
    }
    

    Aaron