We are evaluating a CSS 11500 and try to configure url path rewrite and NAT, but we have some problems.
What we would like to do is the following:
The address www.example.com is resolving to a valid internet address, whereas host1 and host2 resolves to private IP addresses.
The client should always see the external url (e.g. http://www.example.com/path1/...) and the CSS should do the necessary translation.
Any help would be very much appreciated!
this should work with Layer5 Rules. The only thing that will not work from my point of view is the fact that the service configuration is not possible with DNS-names (or in other words I never tried to do so). If you configure the IP-Addresses in the services on the CSS it is possible (3 services) and 3 Layer5 rules.
FYI, you can use hostname for creating services.
CSS11503(config-service[test])# ip address ?
However, the CSS sends the DNS request only once.
If your server changes of ip address, you will need to reboot the CSS or reconfigure the service.
to complete the answer from Joerg, you can do the following
ip address host1
ip address host1
ip address host2
vip address x.x.x.x
add service host1-80
vip address x.x.x.x
add service host1-8080
I have configured the CSS as in your example, but unfortunately it does not work for me. I get the following translation
instead of the one I would like:
Is it possible to configure the CSS so that the initial path is removed from the url?
Below are two other examples of what I would like to accomplish that hopefully clearifies better:
Thank you very much again for your help!
HI Harald, HI Gilles,
from my point of view URL-rewriting is not supported on the CSS sofar. I've only seen URL-rewriting on the SCA/SSL-Module but this does not fit in this environment.
Gilles, thanks for correcting me I forgot the possibility of adding hostsnames because this is more or less as static as adding the IP-Address itself as the DNS-Request is not issued reguallary so the advantage of using DNS-Nmes is not that high to rember that possibility... ;-)
Joerg is correct.
You can't modify the url with the CSS.
The only way to do it would be to use a redirect.
By sending a redirect to the client, the CSS can replace the url with one that you configured.
However, this is not dynamic.
You can't extract part of the path and reuse it in your redirect.
Hello Experts, I'm new with this cisco stuff too(just got it 3 weeks ago), but here is some of my experience with cisco css 11501.
First : Service ServerName, there is a port setting here, but from my experience, I think it is related with KeepAlive option, so, port is alternate way to know if the server alive or not.
Second : When you send request to cisco css, the port option in content port will be the cisco css port to accept request, so, if you send a request to http://vip:8080/, all service must be in the same port too to balance the request, in this case, port 8080, if one service port 80, i'm sure the css will not hit the server.
Third : To solve your problem...
if you are lazy to buy new nic, just set subinterface/ip alias on the host1, and make the webserver only bind to specific address, not to all interface...
O yea, about your path1/path2/path3 -> /, hmm, i'm still asking in this forum about path changing cause until now, i haven't know how to do this, i know about apache rewrite module, and success do this, if only i know about this in cisco css too :-(
I'm sorry if I make mistake, I'm just telling my experience...
the port is being used for doing nat translation.
If your vip is on port 80 and your service on port 8080, it means the CSS will PAT (port address translation) from 80 to 8080 when sending traffic to the server.
The command 'keepalive port' is only used for the keepalive so.
Regarding the path, we can't modify it within the CSS.
The only way would be to intercept a specific path and send a redirect to the client to another path.
This is easily done with the redirect feature.
[software developper for CSS and CSM :-) ]