Forum Discussion

Zuke_149069's avatar
Zuke_149069
Icon for Nimbostratus rankNimbostratus
Apr 28, 2014

DNS resolves to real server

I'm trying to find the proper way to manage how DNS resolves server names. This is probably a stupid question, but I'm going to ask it anyway.

 

I have a static DNS entry connected to a virtual server IP address. When I go to that DNS address, I get redirected to the real server address. I want to hide the real server DNS entry.

 

For example:

 

I type in http://virtualserver.company.com, which then takes me to http://realserver01.company.com or http://realserver02.company.com. I want the users to stay on http://virtualserver.company.com.

 

I have been looking through iRules, but am not sure which I need to use for this purpose. Will I need to create a unique iRule for each VS, or is there a better way to do this?

 

Currently running active-active LTM with 11.4.1 HF 3. Licensed for APM/GTM, but not yet incorporating those.

 

application delivery
devops
dns
iRules
LTM
microsoft

1 Reply

Sort By
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Apr 28, 2014

    can you try something like this?

    e.g.

     config

root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
    destination 172.28.24.10:80
    ip-protocol tcp
    mask 255.255.255.255
    pool foo
    profiles {
        http { }
        tcp { }
    }
    rules {
        qux
    }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    vs-index 7
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foo
ltm pool foo {
    members {
        200.200.200.101:80 {
            address 200.200.200.101
        }
    }
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
ltm rule qux {
    when HTTP_RESPONSE {
  if { [HTTP::status] == 302 } {
    HTTP::header replace Location [string map {http://realserver01.company.com http://virtualserver.company.com http://realserver02.company.com http://virtualserver.company.com} [HTTP::header Location]]
  }
}
}

 trace

[root@ve11a:Active:In Sync] config  ssldump -Aed -nni 0.0 port 80
New TCP connection 1: 172.28.24.1(34226) <-> 172.28.24.10(80)
1398693997.3095 (0.0016)  C>S
---------------------------------------------------------------
HEAD /something HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Accept: */*
Host: virtualserver.company.com

---------------------------------------------------------------

New TCP connection 2: 200.200.200.14(34226) <-> 200.200.200.101(80)
1398693997.3400 (0.0304)  C>S
---------------------------------------------------------------
HEAD /something HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Accept: */*
Host: virtualserver.company.com

---------------------------------------------------------------

1398693997.3422 (0.0022)  S>C
---------------------------------------------------------------
HTTP/1.1 302 Found
Date: Mon, 28 Apr 2014 13:56:47 GMT
Server: Apache/2.2.3 (CentOS)
Location: http://realserver01.company.com/something
Content-Type: text/html; charset=iso-8859-1

---------------------------------------------------------------

1398693997.3423 (0.0328)  S>C
---------------------------------------------------------------
HTTP/1.1 302 Found
Date: Mon, 28 Apr 2014 13:56:47 GMT
Server: Apache/2.2.3 (CentOS)
Location: http://virtualserver.company.com/something
Content-Type: text/html; charset=iso-8859-1

---------------------------------------------------------------