09-25-2006 10:41 AM
I have two DNS names that point to the same IP address ie www.aaa.com and www.bbb.com. I would like to create a policy to look at the incoming reqest and if it is for www.aaa.com perform a redirect so that the customer's browser then points to www.bbb.com. This is to overcome cert issues with the request being made to the wrong URL. It looks like this could be done with a DNS map but I don't have a GSLB license and that seems like it might be overkill for this one request. Anyone have any other suggestions??
Thank you
Dave
09-25-2006 11:44 PM
if you have a css you can create a content rule that catches the url "//www.aaa.com" and add a redirect service to it that points to "www.bbb.com".
in the csm you can also create a redirect serverfarm:
rp(config-slb)# serverfarm redirect
rp(config-slb-sfarm)# redirect-vserver REDIR_1
rp(config-slb-redirect-)# webhost relocation 172.16.3.2x/%p
rp(config-slb-redirect-)# inservice
rp(config-slb-redirect-)# exit
rp(config-slb-sfarm)# end
rp# show module csm 3 serverfarm detail
09-26-2006 12:32 AM
Dave,
with the csm you can create a header map to detect which host is being called.
map MAP1 header
match protocol http header Host header-value www.aaa.com
Then use the map with a policy like this
policy MAP1
header-map MAP1
serverfarm REDIRECT
!
Finally, apply your policy to the vserver.
vserver AAA-BBB
vip address x.x.x.x
slb-policy MAP1
inservice
My concern is that to work, the user has to come to your website in HTTP, to be redirected to the correct site and then be redirected to HTTPS.
If the user open a connection directly in HTTPS, then this won't work since the CSM will not see the host [it will be encrypted] and to perform the decryption you need to use the appropriate certificate.
My advice would be to take a new address, so that each site gets its own.
Gilles.
09-26-2006 05:23 AM
That is what I'm trying to accomplish but it is HTTPS already and while I do have an SSL module I'm not allowed to decrypt this traffic so it looks like I'm out of luck on this one.
Using this could solve another issue I have though. Can you use a policy to match on an or condition such as if the host is www.aaa.com or www.bbb.com goto the redirect farm?
Thank you
Dave
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: