Forum Discussion

hatim1's avatar
hatim1
Icon for Nimbostratus rankNimbostratus
Aug 24, 2011

mapping an external FQDN name to an Internal FQDN one

Hi all,

 

 

I am trying to map an external FQDN name to an internal FQDN (not known externally) using an irule. Due to this fact I am changing the host name in the irule and sending the request directly

 

to a pool (contains the internal IP address for the internal FQDN). If the internal FQDN was known externally I could have used http redirect and it would have worked.

 

 

Here is what I am looking to accomplish:

 

 

https://external.domain.com --> http://internal.domain.com/landing.htm

 

 

In my case, It works partially. I am not able to display images because F5 tries always to use the public FQDN (according to Fiddler).

 

 

Here is what I am doing:

 

 

when RULE_INIT {

 

set static::internal_host "internal.domain.com"

 

set static::external_host "external.domain.com"

 

set static::uri_page "/landing.htm"

 

set static::uri_home "/"

 

}

 

when HTTP_REQUEST {

 

if { [string tolower [HTTP::host]] contains $static::external_host } {

 

HTTP::header replace Host [string map [list $static::external_host $static::internal_host] [HTTP::host]]

 

HTTP::header replace location [string map [list https:// http://] [HTTP::header value Location]]

 

HTTP::uri [string map [list $static::uri_home $static::uri_page] [HTTP::uri]]

 

pool internal_landing_page_pool

 

log local0. "[IP::client_addr] requested [HTTP::header value Host] [HTTP::host] [HTTP::uri]"

 

}

 

}

 

 

Can anybody let me know what am I missing?

 

 

Thanks a lot,

 

Hatim

 

 

application delivery
dev
devops
iRules

3 Replies

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Aug 24, 2011
    Hi Hatim,

     

     

    I assume the web app uses absolute references to the internal hostname in response headers and/or content. You can use HttpFox for Firefox or Fiddler2 to check the responses to see where the references are. To rewrite response headers like the Location in redirects, you can use HTTP::is_redirect and HTTP::header replace. For the response payload, you can use a blank stream profile and STREAM::expression iRule.

     

     

    Here are a few related links:

     

    http://devcentral.f5.com/wiki/iRules.http__is_redirect.ashx

     

    http://devcentral.f5.com/wiki/iRules.http__header.ashx

     

    http://devcentral.f5.com/wiki/iRules.stream__expression.ashx

     

     

    Or you could use the ProxyPass iRule for this:

     

    http://devcentral.f5.com/wiki/iRules.proxypassv10.ashx

     

     

    Aaron
  • hatim1's avatar
    hatim1
    Icon for Nimbostratus rankNimbostratus
    Aug 24, 2011
    Thanks Aaron. I will review the links and let you know.

     

     

    Hatim

     

  • hatim1's avatar
    hatim1
    Icon for Nimbostratus rankNimbostratus
    Aug 25, 2011

     

    Hi Aaron,

     

     

    When running fiddler i get only 404's errors. Following a successful first request on the main page. F5 reverts back to the external FQDN and tries external.domain.com/someimage.gif instead of internal.domain.com/someimgae.gif. So no need of is_redirect. for the HTTP::header replace that is what i used in my irule above.

     

     

    I thought i might disable the compression to allow for the stream expression to work.

     

     

    I create an empty stream profile,

     

    I added the following at the top of "when HTTP_REQUEST":

     

     

    Disable the stream filter for all requests

     

    STREAM::disable

     

    remove the compression offerings from the client

     

    HTTP::header remove "Accept-Encoding"

     

    ....

     

     

    Then created this:

     

    when HTTP_RESPONSE {

     

    STREAM::expression "@external.domain.com@internal.domain.com@"

     

    STREAM::enable

     

    }

     

     

    My problem is the encoding is still happening ( I see Accept-Encoding: gzip, deflate under Client using Fiddler) even though i have the instruction above and i made sure the http profile for the VS is using selective for the compression.

     

     

    any idea on what is going on?

     

     

    thanks

     

    Hatim