Forum Discussion
Sarah_258804
Cirrus
CirrusDo I need a self-ip in the same subnet as my virtual servers, or a VLAN ID?
Hi all.
So my external self IP is in the 10.251.12.0/24 subnet and my virtual servers are in the 10.251.10.0/24 subnet. However, I can't ping any of my vIPs from the F5 itself or outside of that network. I noticed that if I put the vIP in the 10.251.12.0/24 subnet I can ping it from the F5 as well as outside of the network. It's like my F5 doesn't want to advertise my virtual servers.
Am I missing configuration here? I do not have a VLAN defined for the virtual servers, nor do I have a self-IP in that range. Should I?
That depends. You don't NEED one, but if you don't have one, then BOTH the BIG-IP needs a way to route to your server from a different self-ip, either via a route or the default tmm gateway (it can NOT use the management gateway), AND the server needs a route to the self-ip it receives the traffic from. If you are on the same subnet it is easy because you don't have to configure any routing.
As for VLANs, the logic is similar, you have to make sure the ingress/egress traffic have the same VLAN tag or disable VLAN-keyed connections (not recommended).
Sarah_258804Is it recommended to have a self-IP in the same subnet as your vIPs or should I create a route on the F5 to and from the virtual servers instead? Right now I have a vIP in the same subnet as my external self-IP, is this not recommended? What is the best practice?
Theo_12742There is no best practice--the flexibility of the platform is you can do either, and there are reasons to do both. I will say the simpler way is to create the Self IP.
IRONMANCirrostratus
Can you please tell me reasons, why we use the VIP's are in different sub net?
- Sarah_258804Thanks Theo, for now I think I will keep my virtual servers in the same subnet as my external self-IPs. As long as there is no reason that I should not do this.
