Forum Discussion
NimbostratusF5 Load Balancing and Cisco Routing
Hey all,
In our current setup we have 2 BIG-IP 2000s in HA pair. Both have uplinks to the Internet. Currently the F5s are doing all of the internal routing for our network. Since our needs have changed, we decided to purchase 2xCisco ASR 1001-Xs to move our internal routing to. The F5s are used to load balance APP/WEB servers in our environment. My question is, how can I move off the routing from the F5 to the Cisco routers, cleanly, and maintain the current load balancing configuration on the F5s (VIPs, NATs etc)? when I try to remove self IPs, it says they are connected to other resources. I need to remove these self IPs because these networks are now on the Cisco routers.
Any ideas?
4 Replies
Brad_ParkerCirrus
Will need a little more clarification about your topology to make a better educated suggestion. I will say that the reason you can't remove the self-ips is that they are being used to connect to your nodes/pool members. If you have L2 connectivity to the networks they live in, the BIG-IP won't let you remove those until they are no longer needed. This can be accomplished by adding additional new self-ips in those networks so you can reclaim what you want, but I can't say if that is prudent without more of an understanding of your topology.
RB323_217345You are correct. Basically the issue is that the floating IPs (Default Gateway for VLANS on F5s) will conflict with the ASR's VLAN DFGW of 172.19.xyz.1. I don't want to change the .1 on the ASR side since all our servers point to .1 So the current setup is:
F5-1 (Active) ------> Internet 1 [VLANS 110-111, 120-123, 130,140,141,160] ------> Trunk to Core Switch
F5-2 (Passive) -----> Internet 2 [VLANS 110-111, 120-123, 130,140,141,160] -----> Trunk To Core Switch
Future Setup:
F5-1 (Active) ------> Internet 1 ------> Trunk to ASR 1 (All VLANS reside on ASRS) F5-2 (Passive) ------> Internet 2 ------> Trunk to ASR 2 (All VLANS reside on ASRS)
Is there a clean way of doing this without messing around with the nodes/pools on the F5s?
- Brad_ParkerSo you are going to a routed(L3) connectivity to your nodes/pool members, rather than connecting directly L2 to them?
- RB323_217345The nodes/pool members are on different VLANs, I'm unsure if the L3 is the best way to go in this situation. Basically the F5 should only be doing the load balancing, not inter-vlan routing anymore, hence why we put in Cisco ASRs. Which way would be the best in your opinion?
