Forum Discussion

Pedro_Magalhae1's avatar
Pedro_Magalhae1
Icon for Nimbostratus rankNimbostratus
Sep 15, 2020

LTM replace host on request and response

Hello,

 

I need help with a situation:

I need to replace the HTTP::host when on the request with the intent to reach the internal server with a different HTTP::host.

 

However this HTTP::host(FQDN) cannot be sent to the client so on the request i need to replace the HTTP::host again. Is this possible to do with an irule?

  • You can change the contents of the HTTP Host header using either a Local Traffic Policy or an iRule. Local Traffic Policies are favored because they are a built-in tool and tend to be more efficient. Below is what a local policy to change the HTTP Host header on the server-side request might look like. In this example, if the client-side host header is original.f5trn.com, the policy will change it to changed.f5trn.com on the server side connection. The client is unaware of this change:

    ltm policy Change_HTTP_Host_Header_Policy {
        last-modified 2020-09-15:12:18:37
        requires { http }
        rules {
            Change_HTTP_Host_Header_Rule {
                actions {
                    0 {
                        http-host
                        replace
                        value changed.f5trn.com
                    }
                }
                conditions {
                    0 {
                        http-host
                        host
                        values { original.f5trn.com }
                    }
                }
            }
        }
        status published
        strategy first-match
    }

    The Host header is not valid on a response but, if you are concerned about the server's response content (HTML, XML, etc.) containing domain (host) names you do not want the client to see, you can use an HTML-type profile to replace server response content, as needed, before sending the response to the client. See Local Traffic > Profiles > Content > HTML and examples on DevCentral for creating an HTML content profile.

  • Can you show me an example of this using an irule? because the VS already has an irule applied to it due to the fact that are several websites behind the same ip