Host headers on BigIP rather than IIS

Question

I've submitted a support ticket to F5, however I'm not sure they understood what I am trying to accomplish.  I am trying to have the BigIP handle host headers, rather than our front end IIS web servers.

I have a number of different virtual servers configured for each one of our websites (40 total)

Each virtual server is associated with a pool.  My naming convention is as follows:

VIP-sitename-80
Pool-sitename-80

Each pool has the same 6 members (each are Windows 2003 IIS web servers)

Each IIS web server has 40 websites configured on each, and each website config has its own set of host headers.  All websites serve content on port 80 - which was possible by using host headers.

Can anyone tell me if its possible using an iRule, to simply send traffic to a certain IIS site if a host name is matched?

For example, I know it is possible to use an iRule to do the following:

when HTTP_REQUEST {
   if {[string tolower [HTTP::host]] eq "www.oursite.com"} {
     pool Pool-sitename-80
    }
}

But, if we have more than 1 site configured in IIS on each webserver - I'm not sure there's an easy way to target a specific IIS site.

Has anyone been able to use their BigIP version 9 to handle host headers rather than IIS with more than 1 site?

michael_yates · Answer

The F5 LTM doesn't care about Host Headers.  It only cares about the Port. 
&nbsp;  
&nbsp; Look at it like this.  You use the iRules to shape the Traffic to the Pools. 
&nbsp;  
&nbsp; http://www.website.com/subcontent/index.html 
&nbsp;  
&nbsp; If TCP Port == 80  
&nbsp; Do something 
&nbsp;  
&nbsp; If [HTTP::host] equals "www.website.com" 
&nbsp; Do something (HTTP::Redirect or pool Pool-www.website.com-80) 
&nbsp;  
&nbsp; If [HTTP::uri] equals "/subcontent/index.html" 
&nbsp; Do something (HTTP::uri "/subcontent/index.asp" or pool Pool-www.website.com-80) 
&nbsp;  
&nbsp; All of the iRule processing allows you to shape or change the traffic, but when it comes to the server, it only cares about what is configured in the Pool: 
&nbsp;  
&nbsp; 10.10.10.10 - Port 80 
&nbsp; 20.20.20.20 - Port 80 
&nbsp; etc... 
&nbsp;  
&nbsp; With the Senario that you have given you could use a single Virtual Server and a Single Pool to handle all 40 websites (Because they all exist on the same server and port).  The LTM won't help you do what it is your wanting. 
&nbsp;  
&nbsp; A solution to your problem (this is what I do on my IIS Servers) is to get rid of Host Headers by running your websites on Non-Standard Ports (Example:  Port 5050).  It removes the need for Host Headers, prevents the need for additional IP Addresses being wasted, and makes things easier to manage (in my opinion). 
&nbsp;  
&nbsp; Hope this Helps.

joe_pipitone · Answer

Thanks Michael - I was thinking the same thing as far as using non-standard ports. 
&nbsp;  &nbsp;

With that being said - how are you rewriting the port numbers so it is transparent to the client?

Lets say I go to www.website1.com and the bigip sends traffic to a pool that contains a pool member 10.10.3.1 on port 5091, is there a way to rewrite that so it appears as port 80 for the client?  Transparency?

Forum Discussion

Host headers on BigIP rather than IIS

2 Replies

Recent Discussions

Client certificate Authentication - open multiple tabs

google autenticator broken barcode

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Port Group on F5OS network setting

Related Content

Re: BigIP Report

BigIP Report Old

Re: F5 XC Distributed Cloud HTTP Header manipulations and matching of the client ip/user HTTP header

Security headers

F5 BIGIP WAF AND F5 DNS