Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral


Questions and Answers

Loading... Loading...

Hello,

We are on version 9.4.8 of BigIP.  We use a device called Truesight to monitor the user experience of our traffic.  We recently moved the Truesight device to in front of the F5 so we could capture SSL Latency.  However, in doing this we lost the ability to see which application server the user was on when we review a particular session.  Instead, Truesight only shows the VIP of the pool for that website.  To fix this, the vendor of Truesight tells us that we can inject an http header of the server IP address via the BigIP.  According to F5 support, this can be done, but I needed to ask how to do it in the forums.  We have about 12 pools each with 14 servers in the pool.  We need to have an IRule that will inject a header into the traffic showing the IP address of the pool member that the user was put on.  How can this be done?

Thanks for the help.

11 Answer(s):

Hi K-Dubb,

You can use an iRule like this:


# From https://devcentral.f5.com/wiki/default.aspx/iRules/http_request_send
when HTTP_REQUEST_SEND {

   # Need to force the host header replacement and HTTP:: commands into the clientside context
   # as the HTTP_REQUEST_SEND event is in the serverside context
   clientside {

      # Replace (or insert if it doesn't exist) a custom HTTP header with the selected server IP and port
      HTTP::header replace my_custom_header "[IP::server_addr]:[TCP::server_port]"
   }
}


You could also insert the currently selected pool name using [LB::server pool].

Aaron
Posted By hoolio on 11/29/2010 08:02 AM
Hi K-Dubb,

You can use an iRule like this:

# From https://devcentral.f5.com/wiki/default.aspx/iRules/http_request_send
when HTTP_REQUEST_SEND {

   # Need to force the host header replacement and HTTP:: commands into the clientside context
   # as the HTTP_REQUEST_SEND event is in the serverside context
   clientside {

      # Replace (or insert if it doesn't exist) a custom HTTP header with the selected server IP and port
      HTTP::header replace my_custom_header "[IP::server_addr]:[TCP::server_port]"
   }
}


You could also insert the currently selected pool name using [LB::server pool].

Aaron

Hi,

Thanks for your reply!  Is server_addr and Server_port a method, or do I need to populate this with the actual IP and Port?  The reason I ask is because the iRules are applied at the Virtual Server level and with 14 application servers, I am not sure how it would inject the correct IP and port to the server.
[IP::server_addr] and [TCP::server_port] are commands that will return the currently connected server IP and port. So you should be able to use that iRule and just customize the header name (set as my_custom_header in the example).

Aaron
Awesome!! I will try it out!
Is there anyway that I can show this is working? I applied the Irule, but when I run a fiddler trace, I do not see the Header in the header section of fiddler. Thoughts?
The iRule is inserting the HTTP header in requests sent to the pool, so the client wouldn't see the change. You could either log the change in the iRule, use tcpdump on the server VLAN or check the server logs if they log the custom HTTP header.

Here's a way to log the specific header as well as the full HTTP request headers in the iRule:


# From https://devcentral.f5.com/wiki/default.aspx/iRules/http_request_send
when HTTP_REQUEST_SEND {

   # Need to force the host header replacement and HTTP:: commands into the clientside context
   # as the HTTP_REQUEST_SEND event is in the serverside context
   clientside {

      # Replace (or insert if it doesn't exist) a custom HTTP header with the selected server IP and port
      HTTP::header replace my_custom_header "[IP::server_addr]:[TCP::server_port]"
   }
}
when HTTP_REQUEST_SEND priority 501 {

   # Run this event with a later priority than the default HTTP_REQUEST_SEND event
   # This bypasses LTM's caching of most HTTP:: commands within the same event and event priority
   clientside {
      log local0. "[IP::client_addr]:[TCP::client_port]: my_custom_header: [HTTP::header my_custom_header]"
      log local0. "[IP::client_addr]:[TCP::client_port]: All headers: [HTTP::request]"
   }
}


You can remove the second HTTP_REQUEST_SEND event once you're done testing.

For details on using tcpdump to capture this, see SOL411:

SOL411: Overview of packet tracing with the tcpdump utility
http://support.f5.com/kb/en-us/solutions/public/0000/400/sol411.html

Aaron
Thanks for your response. The device that I need to be able to see the IP is actually in front of the F5, not behind it which is why it only sees the VIPs. Based on your explanation, i don't think the initial iRule will help me. Is there a way to do this?
So you want to insert a header in the response with the IP address of the LTM pool member that served the request? That's a bit simpler:

when HTTP_RESPONSE {

   # Replace (or insert if it doesn't exist) a custom HTTP header with the selected server IP and port
   HTTP::header replace my_custom_header "[IP::server_addr]:[TCP::server_port]"
}


The client will see this as well, so it should be present in the Fiddler trace.

Aaron
Yes, that is exactly what I want to do.

I am getting this. What am I missing?

01070151:3: Rule [Server_IP] error:
line 1: [unknown event (HTTP_RESPOND)] [when HTTP_RESPOND {

# Replace (or insert if it doesn't exist) a custom HTTP header with the selected server IP and port
HTTP::header replace Server_IP "[IP::server_addr]:[TCP::server_port]"
}]
Sorry, fingers were moving faster than the brain. That should be HTTP_RESPONSE.

Aaron
Awesome Aaron! Works great!

Your answer:

You must be logged in to reply. You can login here.