Forum Discussion
Jason_Tan_40947
Nimbostratus
NimbostratusAsymmetric Routing Issue
Hi,
Below is my network topology.
Internet
|
Ext FW
|
F5
|
L2 Switch -- Web Servers & DC
|
Int FW
|
Backend Server(Database)
I am a newbie with F5 LTM and I am having issue when the Backend Server try to join domain to the DC in the DMZ zone. All my Web Servers and DC have their default gateway pointing to my F5.
After some troubleshooting, I discover that when the Backend Server need to contact the DC, it will go to the Ext FW and reach the DC. But when the DC replies, it will need to go to my F5(default gateway) then to the Ext FW and reach the Backend Server. WIth this setup, the Backend Server is able to ping the DC but not able to join domain.
The workaround I have is to have the WebServer and DC have a route add statement to set the EXT FW as the gateway for traffic going to Backend Server. After adding the route add in my Web/DC servers, the Backend Servers is able to join the domain.
May I know if there is any design issue with the about setup or anything that I need to configure in my F5 so that I do not need to put in the route add statment in my Web/DC servers.
Thanks in advance for the advice!
Regards,
Jason Tan
nitassEmployee
not sure if i understand correctly. can u configure network forwarding virtual server on f5 to forward traffic between backend server subnet and dc subnet?
SOL7595: Overview of IP forwarding virtual servers
http://support.f5.com/kb/en-us/solutions/public/7000/500/sol7595.html
Jason_Tan_40947Hi nitass,
Thanks for your reply.
I have already a network forwarding VS in the LTM (any IP, any protocol) and static route to my backend server.
Regards,
Jason Tan- nitassso, has problem been fixed??