Forum Discussion
NimbostratusUse 1 External IP, Multiple Domains, point to different VIP
Hi,
Currently, we're using multiple external IP to hit certain web servers or websites. I feel this is a waste of external IP and we can get much more efficient than this.
I would like to use 1 external IP, for different domains. When it hits the F5, I want the F5 to inspect the domain name, and route it to the proper VIP which then would hit the specific webserver/site etc.
How can I achieve this with iRule and are iRules the proper method for this?, based on my scenario and what I'm trying to achieve, what are your suggestions or what are you doing in your F5 environment to achieve this? thanks!!
Best Regards, Sonny
3 Replies
mimlo_61970Cumulonimbus
What LTM version are you using? Is there any SSL involved?
You can do this with an iRule, or an HTTPClass(in 11.2 and earlier) or a policy in 11.4 and up.
- Sonny_J_Bonds_1
Thanks Mimlo,
I am using 11.2.1
Yes, we're doing SSL offloading on the F5. Would you happen to know how the iRule would look like?
- mimlo_61970
First, do you understand the limitations of running multiple ssl sites from a single IP? Your certificate needs to match all names being hosted, or you need to implement SNI
I would use HTTPClass profiles for this instead of iRules in 11.2.1
Create an HTTPClass profile for each website/domain name. Set Hosts to Match Only and put in the host names you want to match. Then set the Action to Send to Pool and select the pool you want to send this hostname to.
After that, assign all of the HTTPClass profiles to the virtual server.
