Tuesday, September 2, 2014

Alteon group selection by HTTP Host header using Content Rules

Using this lab setup, I will practice HTTP Host based group selection, which is a server pool in Alteon's terminology.



Fist I need to add two hosts to my /etc/hosts files, which is c:\windows\system32\drivers\etc\hosts :

  • a.dans-net.com
  • b.dans-net.com

Both will point to 10.136.85.11.


10.136.85.11    a.dans-net.com
10.136.85.11    b.dans-net.com

I want a.dans-net.com to go to SRV1 and b.dan-net.com to go to SRV2

I need to add two groups with one host only. Notice that AFAIK since version 29 Alteon allows to use strings as rip, groups and virt

 /c/slb/group a_dans
        ipver v4
        add 1
 /c/slb/group b_dans
        ipver v4
        add 2

Next step is to configure the Content Class, which means to configure matching classes which will be later used by Content Rules

 /c/slb/layer7/slb/cntclss a_dans http
 /c/slb/layer7/slb/cntclss a_dans http/hostname a_dans
        hostname "a.dans-net.com"
        match equal
 /c/slb/layer7/slb/cntclss b_dans http
 /c/slb/layer7/slb/cntclss b_dans http/hostname b_dans
        hostname "b.dans"

Notice that class a_dans is and exact match and that class b_dans is an include match (the default mathod, thats why we don't see it in the config). Just for fun...

Now lets add virt  and apply the changes.

 /c/slb/virt 11
        ena
        ipver v4
        vip 10.136.85.11
 /c/slb/virt 11/service 80 http
        group 1
        rport 80
 /c/slb/virt 11/service 80 http/cntrules 10
        ena
        cntclss "a_dans"
        group a_dans
 /c/slb/virt 11/service 80 http/cntrules 20
        ena
        cntclss "b_dans"
        group b_dans
 /c/slb/virt 11/service 80 http/pip
        mode address
        addr v4 10.136.85.200 255.255.255.255 persist disable

Notice that we added two new rules, matching the Content Class we configured before and the action is to select a group, which we configured before too.

As usual we use Source NAT, hence the pip with 10.136.85.200 address.

And he are some "show" commands

>> LB1 - Server Load Balancing Information# /i/slb/virt 11
11: IP4 10.136.85.11,    00:03:b2:80:00:4e
    Virtual Services:
    http: rport http, group 1, health tcp (TCP), dbind forceproxy
        Content Rule 10, enabled
             content class a_dans, group a_dans
        Real Servers:
        1: 10.136.85.1, group ena, health  (runtime TCP), 2 ms, UP
        Content Rule 20, enabled
             content class b_dans, group b_dans
        Real Servers:
        2: 10.136.85.2, group ena, health  (runtime TCP), 2 ms, UP

Now lets see what happens in the browser.

First we test for a.dans-net.com. We expect to see SRV1 only.


Success. We see SRV1 only. Next lets try b.dans-net.


Success again, we see SRV2 only.