Forum Discussion

fhanson_29549's avatar
fhanson_29549
Icon for Nimbostratus rankNimbostratus
Aug 02, 2010

Configuration Help Big-IP LTM VE

Hello,

 

 

I have been digging around on the devcentral site and the knowledge base to find some help installing my virtual load balancer, to no avail. I cannot get a virtual server working. Can someone help me with the settings?

 

 

I have 2 subnets, 192.168.0.x and 172.16.12.x The servers that are hosting the site to be load balanced are on the 172 subnet along with the database they connect to and the domain controller for their domain. They are hosted on the same machine as the LTM. The rest of my local domain is on the 192.168.0.X subnet.

 

 

Before adding the LTM to the mix the web servers could connect to the internet through the gateway 172.16.12.1 which is a static ARP on my firewall that is the gateway for my 192.168.0.x subnet.

 

 

The VM host has 3 available VM networks and I have tried moving the external and internal interfaces among them as well as adding additional network adapters to the servers to be on several networks.

 

Thanks!

 

ve
virtualization
  • qe_102628's avatar
    qe_102628
    Icon for Nimbostratus rankNimbostratus
    Aug 05, 2010
    Two things have to happen:

     

    1) your clients on the 192.168.0.x subnet have to know how to reach the virtual server that you've created. Something simple to try would be to address the virtual server with a 192.168.0.x IP, then no routing issues are happening for that portion of the connection.

     

     

    2) Your web servers aren't routing through the LTM. This is OK for most protocols - simply enable a SNAT and all inbound client requests to the virtual that you've made will show up to your web servers with a SNAT'd IP address that's been configured on the 172.16.12.x subnet.

     

     

    I suggest digging around for information on SNAT.

     

     

    This is what a connection might look like, given these definitions:

     

    - A virtual server configured with the address of 192.168.0.10.

     

    - the virtual server has a pool of nodes for resources.

     

    - one of those nodes is 172.16.12.11

     

    - the virtual server is set to SNAT automap

     

     

    - the BIG-IP LTM VE has the self IP address 172.16.12.5

     

     

    - the client is addressed as 192.168.0.201

     

     

     

    The client wants to make a request like this:

     

    source: 192.168.0.201, destination 192.168.0.10 (on TCP port 80 for HTTP, for example)

     

     

    the client will look at it's routing table, and determine that it knows how to locally reach the 192.168.0.x subnet. As such, it will ARP for the 192.168.0.10 address.

     

     

    The BIG-IP LTM VE will respond to this ARP request and the client accepts it.

     

     

    The client then sends traffic for 192.168.0.10 to the BIG-IP LTM VE.

     

     

    The original request operation is now a packet, and the packet looks like this:

     

    source: 192.168.0.201, destination 192.168.0.10 (on TCP port 80 for HTTP, for example)

     

     

    The packet reaches the BIG-IP LTM VE. The LTM does it's "magic" and figures out that it needs to send the packet to 172.16.12.11 for processing.

     

    It will put this packet on the wire:

     

    source: 172.16.12.5 destination: 172.16.12.11

     

     

    the return packet from the server will look like this, which will be directed back to the LTM (and not go through the gateway 172.16.12.1 !):

     

    source: 172.16.12.11 destination: 172.16.12.5

     

     

    The BIG-IP LTM VE processes the packet and returns the response to the client. The response packet will look like this:

     

    source: 192.168.0.10 destination: 192.168.0.201