F5 and Nexus Routing Issues

Question

We had 10.8 network on 2 F5's in Active and Standby mode. We created a new routing domain for another network 10.18 and also we used different physical interfaces on the F5. The F5's are connected to 2K-5K-7K - Firewall  and they are trying to reach to 2  NAS hosts in the prod network which is a similar 7K-5K-2K . The 10.8 works fine.&nbsp;
&nbsp;When we try to reach to 2 hosts from the newly created 10.18 subnet servers , we are able to connect to one of the hosts. The traffic for the other host drops in the F5 and 7K mess.  We plugged in a laptop to eliminate the server from which we were trying to reach to the hosts, the opposite happens now. We were able to reach to the nas host which we weren't reaching from the server.&nbsp;
&nbsp;Somewhere the traffic gets dropped .&nbsp;
&nbsp;Did anybody face similar problems? ? Please suggest.&nbsp;

hamish · Answer

Can you create a logical diagram and attach it? 
&nbsp;  
&nbsp; I don't follow why you created separate routing domains for what looks like to me just two separate subnets... (10.8.0.0/16 and 10.18.0.0/16). To me that should just be one (If summarised) to two static routes configured on the F5 to reach the destination subnets. 
&nbsp;  
&nbsp; H

calistar_13172 · Answer

We had to create separate routing domains because 10.8 and 10.18 would be firewalled off in future. 
&nbsp;  
&nbsp; Also we have a VIP VLAN which is a layer 3 SVI on the Core . 
&nbsp; The node VLAN's are layer 2 only with statics on the core pointing to the VIP's . 
&nbsp; The NAS server is sitting in the prod which is a completely different network. 
&nbsp;  
&nbsp; We have this setup for the current 10.8 network . We were trying to move the 10.18 behind the F5's in a similar setup but we are using different physical interfaces on the F5. 
&nbsp;  
&nbsp; I will create the complete logical diagram and upload it soon.

calistar_13172 · Answer

We have a  self IP and floating IP on the LTM . 3 IP's per inside vlan - one for the active unit, one for the standby unit and one floating IP across both units  
&nbsp;  
&nbsp; The real machines (nodes) have default gateway  to that of the floating IP.

hamish · Answer

AIUI that's not what routing domains on the LTM is intended for... Routing domains are for where you have two networks with the same address space... What you've got is just two subnets.... 
&nbsp;  
&nbsp; IIUC what your setup looks like you just need two vlans.   
&nbsp;  
&nbsp; H &nbsp;

hamish · Answer

AIUI that's not what routing domains on the LTM is intended for... Routing domains are for where you have two networks with the same address space... What you've got is just two subnets.... 
&nbsp;  
&nbsp; IIUC what your setup looks like you just need two vlans.   
&nbsp;  
&nbsp; H &nbsp;

Forum Discussion

F5 and Nexus Routing Issues

Recent Discussions

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

ports are showing open on online scanning tool

Related Content

Issue on management route

BIG-IP Next: iRules pool routing

F5 Distributed Cloud - Customer Edge Site - Deployment & Routing Options

BIG-IP High Availability with Azure Route Server

SNI Routing with BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS