Hi, I have below mention requirement users will have the link http://testmail.abc.com and it will redirect to http://uatebsapp1.abc.com:8060 but i want to hide the actual server name from the users. like instead of showing that user is accessing the APP1 i want to modify the actual URL to something like http://server1.abc.com:8060 Please let me know how can i do this.

Hi, I have one iRule already mapped with VIP when HTTP_REQUEST { if { [HTTP::uri] equals "/" } { HTTP::redirect "http://ebsdmz.abc.com:8080/OA_HTML/AppsLogin" } } so user are getting in the URL below URL after redirection. http://uatebsapp1.abc.com:8060 Now You want to me add one more iRule as mentoin below like below when HTTP_REQUEST { HTTP::header replace Host uatebsapp1.abc.com:8060 But where it is mentioning that user will get the http://server1.abc.com:8060 Please correct me if i am wrong

sorry i overlooked the http://server1.abc.com:8060 part. in general, if you want to change url in browser, you have to use HTTP::redirect (or HTTP::respond). HTTP::redirect will send user response asking user to send request to a new url. if the new url is on different port (e.g. 8060), you need another virtual server listening on that port (to accept the new request). when sending request to pool member, host header and uri can be changed using HTTP::header and HTTP::uri commands respectively. hope this helps.

Hostname Modification in F5

17 Replies

nitass_89166

Noctilucent

Jul 03, 2014

e.g.

 config

root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
    destination 172.28.24.10:80
    ip-protocol tcp
    mask 255.255.255.255
    pool foo
    profiles {
        http { }
        tcp { }
    }
    rules {
        qux
    }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    vs-index 46
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foo
ltm pool foo {
    members {
        200.200.200.101:8060 {
            address 200.200.200.101
        }
    }
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
ltm rule qux {
    when HTTP_REQUEST {
  HTTP::header replace Host uatebsapp1.abc.com:8060
}
}

 trace

[root@ve11a:Active:In Sync] config  ssldump -Aed -nni 0.0 port 80 or port 8060
New TCP connection 1: 172.28.24.1(48569) <-> 172.28.24.10(80)
1404396749.8259 (0.0017)  C>S
---------------------------------------------------------------
GET /something HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Accept: */*
Host: testmail.abc.com

---------------------------------------------------------------

New TCP connection 2: 200.200.200.14(48569) <-> 200.200.200.101(8060)
1404396750.0406 (0.2125)  C>S
---------------------------------------------------------------
GET /something HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Accept: */*
Host: uatebsapp1.abc.com:8060

---------------------------------------------------------------

Wasim_Hassan_13
Nimbostratus
Jul 04, 2014
Hi, I have one iRule already mapped with VIP when HTTP_REQUEST { if { [HTTP::uri] equals "/" } { HTTP::redirect "http://ebsdmz.abc.com:8080/OA_HTML/AppsLogin" } } so user are getting in the URL below URL after redirection. http://uatebsapp1.abc.com:8060 Now You want to me add one more iRule as mentoin below like below when HTTP_REQUEST { HTTP::header replace Host uatebsapp1.abc.com:8060 But where it is mentioning that user will get the http://server1.abc.com:8060 Please correct me if i am wrong

nitass

Employee

Jul 03, 2014

e.g.

 config

root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
    destination 172.28.24.10:80
    ip-protocol tcp
    mask 255.255.255.255
    pool foo
    profiles {
        http { }
        tcp { }
    }
    rules {
        qux
    }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    vs-index 46
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foo
ltm pool foo {
    members {
        200.200.200.101:8060 {
            address 200.200.200.101
        }
    }
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
ltm rule qux {
    when HTTP_REQUEST {
  HTTP::header replace Host uatebsapp1.abc.com:8060
}
}

 trace

[root@ve11a:Active:In Sync] config  ssldump -Aed -nni 0.0 port 80 or port 8060
New TCP connection 1: 172.28.24.1(48569) <-> 172.28.24.10(80)
1404396749.8259 (0.0017)  C>S
---------------------------------------------------------------
GET /something HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Accept: */*
Host: testmail.abc.com

---------------------------------------------------------------

New TCP connection 2: 200.200.200.14(48569) <-> 200.200.200.101(8060)
1404396750.0406 (0.2125)  C>S
---------------------------------------------------------------
GET /something HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Accept: */*
Host: uatebsapp1.abc.com:8060

---------------------------------------------------------------

Wasim_Hassan_13
Nimbostratus
Jul 04, 2014
Hi, I have one iRule already mapped with VIP when HTTP_REQUEST { if { [HTTP::uri] equals "/" } { HTTP::redirect "http://ebsdmz.abc.com:8080/OA_HTML/AppsLogin" } } so user are getting in the URL below URL after redirection. http://uatebsapp1.abc.com:8060 Now You want to me add one more iRule as mentoin below like below when HTTP_REQUEST { HTTP::header replace Host uatebsapp1.abc.com:8060 But where it is mentioning that user will get the http://server1.abc.com:8060 Please correct me if i am wrong

nitass
Employee
Jul 05, 2014
sorry i overlooked the http://server1.abc.com:8060 part.

in general, if you want to change url in browser, you have to use HTTP::redirect (or HTTP::respond). HTTP::redirect will send user response asking user to send request to a new url. if the new url is on different port (e.g. 8060), you need another virtual server listening on that port (to accept the new request).

when sending request to pool member, host header and uri can be changed using HTTP::header and HTTP::uri commands respectively.

hope this helps.
- Wasim_Hassan_13
  Nimbostratus
  Jul 06, 2014
  Hi, can you please give me the example of redirect. I have one rule already and I have created new VIP against port 8060. when HTTP_REQUEST { if { [HTTP::uri] equals "/" } { HTTP::redirect "http://ebsdmz.abc.com:8060/OA_HTML/AppsLogin" } } ltm virtual VS_TEST { destination 192.168.206.24:8060 ip-protocol tcp mask 255.255.255.255 partition PRPRDWEBDMZ persist { PRDWEB_STICKY { default yes } } pool TEST_POOL profiles { /Common/tcp { } PRE-PROD-WEB-DMZ-Profile { } } source 0.0.0.0/0 source-address-translation { type automap } vs-index 140 ltm virtual VS_DMZEBS { destination 192.168.206.23:any ip-protocol tcp mask 255.255.255.255 partition PRPRDWEBDMZ persist { PRDWEB_STICKY { default yes } } pool PL_DMZEBS profiles { /Common/tcp { } PRE-PROD-WEB-DMZ-Profile { } } rules { UAT_DMZEBS } source 0.0.0.0/0 source-address-translation { type automap } translate-port disabled vlans { PRE-PROD-WEB-DMZ } vlans-enabled vs-index 119 Please let me know what will be irule.
nitass_89166
Noctilucent
Jul 05, 2014
sorry i overlooked the http://server1.abc.com:8060 part.

in general, if you want to change url in browser, you have to use HTTP::redirect (or HTTP::respond). HTTP::redirect will send user response asking user to send request to a new url. if the new url is on different port (e.g. 8060), you need another virtual server listening on that port (to accept the new request).

when sending request to pool member, host header and uri can be changed using HTTP::header and HTTP::uri commands respectively.

hope this helps.
- Wasim_Hassan_13
  Nimbostratus
  Jul 06, 2014
  Hi, can you please give me the example of redirect. I have one rule already and I have created new VIP against port 8060. when HTTP_REQUEST { if { [HTTP::uri] equals "/" } { HTTP::redirect "http://ebsdmz.abc.com:8060/OA_HTML/AppsLogin" } } ltm virtual VS_TEST { destination 192.168.206.24:8060 ip-protocol tcp mask 255.255.255.255 partition PRPRDWEBDMZ persist { PRDWEB_STICKY { default yes } } pool TEST_POOL profiles { /Common/tcp { } PRE-PROD-WEB-DMZ-Profile { } } source 0.0.0.0/0 source-address-translation { type automap } vs-index 140 ltm virtual VS_DMZEBS { destination 192.168.206.23:any ip-protocol tcp mask 255.255.255.255 partition PRPRDWEBDMZ persist { PRDWEB_STICKY { default yes } } pool PL_DMZEBS profiles { /Common/tcp { } PRE-PROD-WEB-DMZ-Profile { } } rules { UAT_DMZEBS } source 0.0.0.0/0 source-address-translation { type automap } translate-port disabled vlans { PRE-PROD-WEB-DMZ } vlans-enabled vs-index 119 Please let me know what will be irule.

nitass

Employee

Jul 06, 2014

what the irule does is if host and port in url is uatebsapp1.abc.com:8060, send redirection to same uri but server1.abc.com:8060.

if host and port in url is not uatebsapp1.abc.com:8060, send request to pool member but change host and port to uatebsapp1.abc.com:8060.

you have to also map server1.abc.com to virtual server ip which is listening on port 8060.

 config

root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
    destination 172.28.24.10:8060
    ip-protocol tcp
    mask 255.255.255.255
    pool foo
    profiles {
        http { }
        tcp { }
    }
    rules {
        qux
    }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    vs-index 49
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foo
ltm pool foo {
    members {
        200.200.200.101:80 {
            address 200.200.200.101
        }
    }
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
ltm rule qux {
    when HTTP_REQUEST {
  if { [HTTP::host] eq "uatebsapp1.abc.com:8060" } {
    HTTP::redirect "http://server1.abc.com:8060[HTTP::uri]"
  }
}
when HTTP_REQUEST_SEND {
  clientside {
    HTTP::header replace Host "uatebsapp1.abc.com:8060"
  }
}
}

 trace

[root@ve11a:Active:In Sync] config  ssldump -Aed -nni 0.0 port 8060 or port 80
New TCP connection 1: 172.28.24.1(51845) <-> 172.28.24.10(8060)
1404642113.4968 (0.0055)  C>S
---------------------------------------------------------------
GET /something HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Accept: */*
Host: uatebsapp1.abc.com:8060

---------------------------------------------------------------

1404642113.4969 (0.0000)  S>C
---------------------------------------------------------------
HTTP/1.0 302 Found
Location: http://server1.abc.com:8060/something
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

---------------------------------------------------------------

New TCP connection 2: 172.28.24.1(51846) <-> 172.28.24.10(8060)
1404642113.5074 (0.0027)  C>S
---------------------------------------------------------------
GET /something HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Host: server1.abc.com:8060
Accept: */*

---------------------------------------------------------------

New TCP connection 3: 200.200.200.14(51846) <-> 200.200.200.101(80)
1404642113.5238 (0.0162)  C>S
---------------------------------------------------------------
GET /something HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Host: uatebsapp1.abc.com:8060
Accept: */*

---------------------------------------------------------------

nitass_89166

Noctilucent

Jul 06, 2014

or you may rewrite location header (e.g. from uatebsapp1.abc.com:8060 to server1.abc.com:8060) in response from pool member.

 config

root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
    destination 172.28.24.10:8060
    ip-protocol tcp
    mask 255.255.255.255
    pool foo
    profiles {
        http { }
        tcp { }
    }
    rules {
        qux
    }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    vs-index 49
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foo
ltm pool foo {
    members {
        200.200.200.101:80 {
            address 200.200.200.101
        }
    }
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
ltm rule qux {
    when HTTP_REQUEST_SEND {
  clientside {
    HTTP::header replace Host "uatebsapp1.abc.com:8060"
  }
}
when HTTP_RESPONSE {
  if { [HTTP::status] == 302 } {
    HTTP::header replace Location [string map {uatebsapp1.abc.com:8060 server1.abc.com:8060} [HTTP::header Location]]
  }
}
}

 client

[root@centos1 ~] curl -i http://172.28.24.10:8060/OA_HTML/AppsLogin -H "host: ebsdmz.abc.com:8060"
HTTP/1.1 302 Found
Date: Sun, 06 Jul 2014 11:21:34 GMT
Server: Apache/2.2.3 (CentOS)
Location: http://server1.abc.com:8060/
Content-Length: 300
Content-Type: text/html; charset=iso-8859-1

 trace

[root@ve11a:Active:In Sync] config  ssldump -Aed -nni 0.0 port 8060 or port 80
New TCP connection 1: 172.28.24.1(51851) <-> 172.28.24.10(8060)
1404646386.7267 (0.0021)  C>S
---------------------------------------------------------------
GET /OA_HTML/AppsLogin HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Accept: */*
host: ebsdmz.abc.com:8060

---------------------------------------------------------------

New TCP connection 2: 200.200.200.14(51851) <-> 200.200.200.101(80)
1404646386.7288 (0.0019)  C>S
---------------------------------------------------------------
GET /OA_HTML/AppsLogin HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Accept: */*
host: uatebsapp1.abc.com:8060

---------------------------------------------------------------

1404646386.7648 (0.0360)  S>C
---------------------------------------------------------------
HTTP/1.1 302 Found
Date: Sun, 06 Jul 2014 11:21:34 GMT
Server: Apache/2.2.3 (CentOS)
Location: http://uatebsapp1.abc.com:8060/
Content-Length: 300
Content-Type: text/html; charset=iso-8859-1

...snipped...
---------------------------------------------------------------

1404646386.7649 (0.0382)  S>C
---------------------------------------------------------------
HTTP/1.1 302 Found
Date: Sun, 06 Jul 2014 11:21:34 GMT
Server: Apache/2.2.3 (CentOS)
Location: http://server1.abc.com:8060/
Content-Length: 300
Content-Type: text/html; charset=iso-8859-1

...snipped...
---------------------------------------------------------------

Wasim_Hassan_13
Nimbostratus
Jul 08, 2014
Hi, I am trying the below config but no luck user is trying http://192.168.206.24:8080 ltm virtual VS_TEST { destination 192.168.206.24:webcache ip-protocol tcp mask 255.255.255.255 partition PRPRDWEBDMZ persist { ENOC_PRDWEB_STICKY { default yes } } pool TEST_POOL profiles { /Common/tcp { } PRE-PROD-WEB-DMZ-Profile { } } source 0.0.0.0/0 source-address-translation { type automap } vs-index 140 } ltm pool TEST_POOL { members { PRE-PRD-WebServer1:http { address 192.168.206.21 session monitor-enabled state up } PRE-PRD-WebServer2:http { address 192.168.206.22 session monitor-enabled state up } } monitor EBS_UAT partition PRPRDWEBDMZ ltm rule UAT_TEST { partition PRPRDWEBDMZ when HTTP_REQUEST { if { [HTTP::host] eq "uatebsapp1.abc.com:8080" } { HTTP::redirect "http://server1.abc.com:8080[HTTP::uri]" } } when HTTP_REQUEST_SEND { clientside { HTTP::header replace Host "uatebsapp1.abc.com:8080" } } }
nitass_89166
Noctilucent
Jul 08, 2014
did you assign the irule to the virtual server?
Wasim_Hassan_13
Nimbostratus
Jul 13, 2014
yes I have applied the irule to the VS ltm virtual VS_TEST { destination 192.168.206.24:webcache ip-protocol tcp mask 255.255.255.255 partition PRPRDWEBDMZ persist { ENOC_PRDWEB_STICKY { default yes } } pool TEST_POOL profiles { /Common/tcp { } PRE-PROD-WEB-DMZ-Profile { } } rules { UAT_TEST } source 0.0.0.0/0 source-address-translation { type automap } vs-index 140

nitass

Employee

Jul 06, 2014

or you may rewrite location header (e.g. from uatebsapp1.abc.com:8060 to server1.abc.com:8060) in response from pool member.

 config

root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
    destination 172.28.24.10:8060
    ip-protocol tcp
    mask 255.255.255.255
    pool foo
    profiles {
        http { }
        tcp { }
    }
    rules {
        qux
    }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    vs-index 49
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foo
ltm pool foo {
    members {
        200.200.200.101:80 {
            address 200.200.200.101
        }
    }
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
ltm rule qux {
    when HTTP_REQUEST_SEND {
  clientside {
    HTTP::header replace Host "uatebsapp1.abc.com:8060"
  }
}
when HTTP_RESPONSE {
  if { [HTTP::status] == 302 } {
    HTTP::header replace Location [string map {uatebsapp1.abc.com:8060 server1.abc.com:8060} [HTTP::header Location]]
  }
}
}

 client

[root@centos1 ~] curl -i http://172.28.24.10:8060/OA_HTML/AppsLogin -H "host: ebsdmz.abc.com:8060"
HTTP/1.1 302 Found
Date: Sun, 06 Jul 2014 11:21:34 GMT
Server: Apache/2.2.3 (CentOS)
Location: http://server1.abc.com:8060/
Content-Length: 300
Content-Type: text/html; charset=iso-8859-1

 trace

[root@ve11a:Active:In Sync] config  ssldump -Aed -nni 0.0 port 8060 or port 80
New TCP connection 1: 172.28.24.1(51851) <-> 172.28.24.10(8060)
1404646386.7267 (0.0021)  C>S
---------------------------------------------------------------
GET /OA_HTML/AppsLogin HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Accept: */*
host: ebsdmz.abc.com:8060

---------------------------------------------------------------

New TCP connection 2: 200.200.200.14(51851) <-> 200.200.200.101(80)
1404646386.7288 (0.0019)  C>S
---------------------------------------------------------------
GET /OA_HTML/AppsLogin HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Accept: */*
host: uatebsapp1.abc.com:8060

---------------------------------------------------------------

1404646386.7648 (0.0360)  S>C
---------------------------------------------------------------
HTTP/1.1 302 Found
Date: Sun, 06 Jul 2014 11:21:34 GMT
Server: Apache/2.2.3 (CentOS)
Location: http://uatebsapp1.abc.com:8060/
Content-Length: 300
Content-Type: text/html; charset=iso-8859-1

...snipped...
---------------------------------------------------------------

1404646386.7649 (0.0382)  S>C
---------------------------------------------------------------
HTTP/1.1 302 Found
Date: Sun, 06 Jul 2014 11:21:34 GMT
Server: Apache/2.2.3 (CentOS)
Location: http://server1.abc.com:8060/
Content-Length: 300
Content-Type: text/html; charset=iso-8859-1

...snipped...
---------------------------------------------------------------

Wasim_Hassan_13
Nimbostratus
Jul 08, 2014
Hi, I am trying the below config but no luck user is trying http://192.168.206.24:8080 ltm virtual VS_TEST { destination 192.168.206.24:webcache ip-protocol tcp mask 255.255.255.255 partition PRPRDWEBDMZ persist { ENOC_PRDWEB_STICKY { default yes } } pool TEST_POOL profiles { /Common/tcp { } PRE-PROD-WEB-DMZ-Profile { } } source 0.0.0.0/0 source-address-translation { type automap } vs-index 140 } ltm pool TEST_POOL { members { PRE-PRD-WebServer1:http { address 192.168.206.21 session monitor-enabled state up } PRE-PRD-WebServer2:http { address 192.168.206.22 session monitor-enabled state up } } monitor EBS_UAT partition PRPRDWEBDMZ ltm rule UAT_TEST { partition PRPRDWEBDMZ when HTTP_REQUEST { if { [HTTP::host] eq "uatebsapp1.abc.com:8080" } { HTTP::redirect "http://server1.abc.com:8080[HTTP::uri]" } } when HTTP_REQUEST_SEND { clientside { HTTP::header replace Host "uatebsapp1.abc.com:8080" } } }
nitass
Employee
Jul 08, 2014
did you assign the irule to the virtual server?
Wasim_Hassan_13
Nimbostratus
Jul 13, 2014
yes I have applied the irule to the VS ltm virtual VS_TEST { destination 192.168.206.24:webcache ip-protocol tcp mask 255.255.255.255 partition PRPRDWEBDMZ persist { ENOC_PRDWEB_STICKY { default yes } } pool TEST_POOL profiles { /Common/tcp { } PRE-PROD-WEB-DMZ-Profile { } } rules { UAT_TEST } source 0.0.0.0/0 source-address-translation { type automap } vs-index 140

Forum Discussion

Hostname Modification in F5

17 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Rewrite HTTP Redirect Hostname

Redirect single URL (hostname) only.

hostname redirect for public IPs only

iRule for sending traffic to a different pool based on the Hostname.

Changing vcmp guest hostname?