Forum Discussion

Nimbostratus

Apr 11, 2013

self aware irules from IIS settings

DevCentral Team, Currently, we run 32bit 10.2.3 version of F5. Have 100+ websites in IIS on windows 2008R2, each assigned their own custom host headers and separate internal IP that NAT to...

Employee

Apr 12, 2013

I like to think that there are a hundred ways to do anything on a BIG-IP, but in this case I can only think of one that isn't unnecessarily complex. So for simplicity sake:

Create a data group (file-based or internal doesn't really matter) and assign each host header value to a server node and port.

Ex. (host_header_datagroup)

something1.domaina.com := 10.33.145.21:80

something2.domaina.com := 10.33.145.21:80

something1.domainb.com := 10.33.145.22:80

something2.domainb.com := 10.33.145.22:80

Create a virtual server using just one of the external IPs and apply this iRule (and other required profiles):


when HTTP_REQUEST {
     if { [class match [string tolower [HTTP::host]] equals host_header_datagroup] } {
          node [class match -value [string tolower [HTTP::host]] equals host_header_datagroup]
     } else {
          HTTP::respond 200 content "no such service"
     }
}

So what happens is that the client's request (host name) is looked up in a data group list, and if it exists the traffic is forwarded to the corresponding node and port. By the way, the ProxyPass iRule will do the same thing but also control SNATs and Host headers.

Now for the fun part - updating the data group. My best suggest here is to have the customer add an iControl call into their website provisioning script that calls out to the BIG-IP and writes to the data group. That is by far the cleanest and simplest approach I can think of.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)