Forum Discussion

Stuart_Page_131's avatar
Stuart_Page_131
Icon for Nimbostratus rankNimbostratus
Apr 21, 2014

Data Group IP Lists and Route Domains

I wanted to ask this question since I hadn't seen a definitive answer for v11.x.

 

In a Data Group List of IP's, when route domains are in use, is it required to denote the route domain suffix (%x) for each IP/network? Should I leave it off?

 

Looks like in v10.x this did not work. See: https://devcentral.f5.com/questions/ip-address-based-classes-support-routing-domains-in-v101.

 

Thanks.

 

  • Well, after posting my question, I realized I could test this. I set up a lab config, and here's what I found out:

     

    v11 will take both with and without the route domain suffix. I suspect that WITH the Route domain the entry is more specific. Some environments utilize route domains to allow for duplicate address spaces and prevent IP conflicts. In that kind of situation, I can see where supplying the rd suffix would be helpful.

     

    FWIW, I'm running Big-IP v11.4.1 HF2

     

    • StephanManthey's avatar
      StephanManthey
      Icon for MVP rankMVP

      Hi Stuart,

       

      in TMOS v11.5.5 (base; no hotfix) the route domain suffix may be added to the datagroup entry (address%rd-suffix).

       

      With a class match using "equals" comparison the route domain information seems to be ignored.

       

      It seems to match the IP address and mask information only.

       

      This may cause problems with overlapping IP ranges.

       

      Thanks, Stephan