For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Wynand_van_Nisp's avatar
Wynand_van_Nisp
Icon for Nimbostratus rankNimbostratus
Aug 29, 2006

Websphere and LTM

Hi,     I am prety new to Irules. I have a client with 3 Websphere servers which each has 4 instances per server running on port 9081...9084. The servers was configured to only accept request o...
application delivery
dev
devops
iRules
Deb_Allen_18's avatar
Deb_Allen_18
Historic F5 Account
Aug 30, 2006
There was another post last week indicating that WebSphere was squawking about the virtualization.

 

 

Apparently the WebSphere server is expecting it's own FQDN in the host header.

 

 

You could create a rule to replace the Host: header for each server with the expected value, using [LB::server addr] to cross reference the IP with the expected hostname using a class.

 

 

I did some poking around, and found 2 recommended non-iRule approaches to work around this problem.

 

 

The least invasive way of working around this limitation without an iRule is in DNS: Simply set the forward (A record) resolution of the virtual server name to the virtual server IP, and the reverse (PTR) resolution for each of the pool member IPs to the virtual server name:

 

virtual server (in websphere.com zone file):

 

virtualserver IN A 192.168.1.1

 

 

backend subnet (in .. reverse zone file )

 

1 IN PTR virtualserver.webshpere.com

 

2 IN PTR virtualserver.webshpere.com

 

3 IN PTR virtualserver.webshpere.com

 

 

The other approach is to actually build ALL the WebSphere servers with the virtual hostname, rather than unique hostnames. The A record for that name would point to the virtual IP, and you can retain the "real" server name as an alias for administration etc.

 

 

HTH

 

/deb