Forum Discussion
CONNECTION IS LOST DUE TO SELF IP IS DELIVERED
Hi team, the scenario is: Virtual server was configured with automap. Traffic is balancing right but for the nature of this application (non-http) the connection in the node (server) must be viewing with original source ip instead of self ip address.
How can I solve this scenario attached in the picture?. I believe that I can try with NONE in source translation instead of "Automap" in VS and the server must be configured with F5 Self ip for this vlan like default gateway server. It is valid this setting or another alternative to solve this?.
Thanks.
Regards
Andrew
In order to assist you we would really need to know the topology of the F5 and where connections originate from. The reason this information is necessary is because typically Virtual Servers (VS) do not have SNAT enabled by default and is typically configured to solve for a specific problem.
- Aapazmino1986Altostratus
Thanks Paulius, of course. This is the topology. I tried with Npath routing but I cannot see original address, even I cannot see traffic in the virtual server forwarding layer 4 172.60.60.175. I configured in the loopback interface equally to this kb: https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-6-0/5.html but is not possible connect.
The only way to resolve this would be to put the F5 in path rather than out of path, the way it is now.
Hi Aapazmino1986,
If your application is (non-http) you can´t set the x-forwarder-for in the requests, there are two ways to view the original IP:
- Configure the F5 self- ip in the servers as the default gateway, and create a couple of VS to forward the TCP and UDP traffic outside using the F5.
- Configure N-path to enable asymmetric traffic, but in my opinion, is the worst option.
Hope it works.
- Aapazmino1986Altostratus
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com