Forum Discussion

refra_151287's avatar
Dec 16, 2014

Multi-Domains mapped to single IP

Hi ALL, we have three domains , 1- domain1.hostname.com 2-domain2.hostname.com 3- domain3.hostname.com all mapped to single IP "VIP: 10.10.10.10" when I access domain1.hostname.com, it should give me different page than domain2 and domain3, but it doesn't happen all time I get the same page.

 

before the F5 the backend server was able to deal with the request if it was domain1 gives him a page if the request was domain2 it gives him another page and so on.

 

I want to know how to solve the problem from F5 although the difference is the only hostnames, and the path doesn't change. also have a question, when F5 forwards the request to back-end server it doesn't includes the domain name at all??

 

  • when F5 forwards the request to back-end server it doesn't includes the domain name at all??

     

    by default host header is not changed. you can run tcpdump/ssldump on bigip to check.

     

  • when F5 forwards the request to back-end server it doesn't includes the domain name at all??

     

    by default host header is not changed. you can run tcpdump/ssldump on bigip to check.

     

    • refra_151287's avatar
      refra_151287
      Icon for Cirrus rankCirrus
      I'm a little confused I have domain1.hostname.com when I access it resolves the name to IP which is 10.10.10.10 , then sends the request with destination IP 10.10.10.10 the hostname doesn't exist in the HTTP packet, Is that right???
    • nitass's avatar
      nitass
      Icon for Employee rankEmployee
      what are you tying in browser? is it domain1.hostname.com or 10.10.10.10? if domain1.hostname.com, http host header will be domain1.hostname.com.
    • refra_151287's avatar
      refra_151287
      Icon for Cirrus rankCirrus
      then the resolve just get the destination IP, but the header doesn't change at all, if issued domain1.hostname.com, the hostname in the header is "domain1.hostname.com", OK fine. could you please provide me with the command I can see clearly the domain in the header to BE server fron F5, I used something as following: tcpdump -i 0.0 -X host and port 80 ------> changed the Monitor to ping, but without getting something clear!
  • when F5 forwards the request to back-end server it doesn't includes the domain name at all??

     

    by default host header is not changed. you can run tcpdump/ssldump on bigip to check.

     

    • refra_151287's avatar
      refra_151287
      Icon for Cirrus rankCirrus
      I'm a little confused I have domain1.hostname.com when I access it resolves the name to IP which is 10.10.10.10 , then sends the request with destination IP 10.10.10.10 the hostname doesn't exist in the HTTP packet, Is that right???
    • nitass_89166's avatar
      nitass_89166
      Icon for Noctilucent rankNoctilucent
      what are you tying in browser? is it domain1.hostname.com or 10.10.10.10? if domain1.hostname.com, http host header will be domain1.hostname.com.
    • refra_151287's avatar
      refra_151287
      Icon for Cirrus rankCirrus
      then the resolve just get the destination IP, but the header doesn't change at all, if issued domain1.hostname.com, the hostname in the header is "domain1.hostname.com", OK fine. could you please provide me with the command I can see clearly the domain in the header to BE server fron F5, I used something as following: tcpdump -i 0.0 -X host and port 80 ------> changed the Monitor to ping, but without getting something clear!
  • could you please provide me with the command I can see clearly the domain in the header to BE server fron F5

    try this.

     ssldump -Aed -nni 0.0 host x.x.x.x and port 80
    x.x.x.x is server ip
    
  • the command is cleared the Host at the request for port 80 but for 443 didn't! I wasn't able to find out the Hostname.

     

    • nitass's avatar
      nitass
      Icon for Employee rankEmployee
      for https, you have to use private key to decrypt it. ssldump -Aed -nni 0.0 -k host x.x.x.x and port 443
    • refra_151287's avatar
      refra_151287
      Icon for Cirrus rankCirrus
      Private key if I'm using the default self signed certificate between the F5 and server "serverssl" what will gonna be private key?
    • nitass's avatar
      nitass
      Icon for Employee rankEmployee
      it is server-side (between bigip and server), isn't it? private key should be from the server.