Forum Discussion
Amit585731
Nimbostratus
NimbostratusF5 installation on Azure
Hi Members, I am starting to learn public cloud and need your suggestion on the installation of F5 on the Azure platform. As per multiple blogs, I can understand that the arch followed by the organizations is Azure LB -> NGFW -> Internal LB -> F5 -> VNET/ Server. I am confused as in on-prem environment we usually assign a block of IP address to VIP and the IP is broadcasted as Gratuitous ARP to the neighboring device to let them know the IP address own by the F5. But in case of Azure I don't think that is possible and the documents I found on clouddocs or F5 lab they have shown VIP as 0.0.0.0/0. If we add wildcard mask destination then how this is going to work for multiple applications as the listener is wildcard?
Please suggest
Thanks
Hi,
Are you refering to: https://azure-f5-lab-days.readthedocs.io/en/latest/class1/module3/lab1.html?
In this setup the Azure load balancer is pointing to the self-ip's of the two big-ip's. That's why a 0.0.0.0/0 virtual server is created, The BIG-IP is not doing to load balance traffic that is being send to the self-ip, only to virtual servers.
Personally I don't like this setup, it is not possible to determine the status of individual applications.
I would run GTM/DNS on the BIG-IP's and relplace the External ALB with GSLB, this enable the setup with a block of IP addresses for VS's.
With the wildcard destination you have to build a layered virtual server setup (vs targeting vs) with a traffic policy to configure multiple applications behind the wildcard listener.
Cheers,
Kees
