Forum Discussion
F5 without default gateway
Hi,
I am confused by an implementation which I recently came across.
It's dual-arm mode: VLAN1 -> 10.10.10.x (VIP) and VLAN 2 -> 192.168.100.x (servers). Floating IPs are 10.10.10.11 and 192.168.100.1. The servers have 192.168.100.1 as their default gateway. A simple, straightforward setup.
SNAT auto is used on the virtual servers, and hence the source address seen on the servers is 192.168.100.x (non-floating self IP of the server VLAN).
There is no routing configured on the box (no default gateway).
When a client accesses it from the internet, the following happens:
1) The ASA does NATting.
2) Traffic reaches the F5 (Src: public IP, Dst: VIP).
3) The F5 sends the traffic to the server (Src: self IP, Dst: real IP of the server).
Return traffic:
1) The server sends the response to the self IP (due to SNAT).
2) Traffic reaches the F5.
Here is where my question is: without a default gateway, how does the F5 send the traffic back to the ASA? How does the F5 know where to send the public IPs which are coming through the ASA interface?
I am literally confused. This is working perfectly fine too.
When I checked tmsh sh system connection, it shows the requesting public address reaching the F5. So without a gateway, how does the F5 know it should send back to the ASA interface?
Can anyone clarify my doubt, please?
Thanks, PMD
2 Replies
- Eric_St__John
Employee
The BIG-IP has a feature called auto lasthop, which is on by default. That feature causes the BIG-IP to return response traffic to the same MAC address that the traffic originated from, in your case the ASA.
Where you would run into problems is if the servers initiated outbound traffic; that would fail due to the lack of a route, and the lack of a forwarding IP virtual server if one does not exist.
- PMD_186273
Nimbostratus
Thank you very much, Eric... now it is clear.
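
A simplified model of the return-path decision described in the reply above, added here as an example and not taken from the thread or from F5 code. The VIP 10.10.10.20, the ASA address 10.10.10.1, its MAC and the public addresses are constructed sample values, and the function names are hypothetical.

```python
import ipaddress

# Constructed model of the thread's setup: two connected VLANs, no default route.
CONNECTED = {
    "VLAN1": ipaddress.ip_network("10.10.10.0/24"),     # VIP side, faces the ASA
    "VLAN2": ipaddress.ip_network("192.168.100.0/24"),  # server side
}
ASA_IP, ASA_MAC = "10.10.10.1", "00:00:5e:00:53:01"  # assumed sample values
NEIGHBORS = {ASA_IP: ASA_MAC}                        # ARP-style neighbor table


def route_lookup(dst, default_gw=None):
    """Return (vlan, next_hop) for dst, or None when no route exists."""
    addr = ipaddress.ip_address(dst)
    for vlan, net in CONNECTED.items():
        if addr in net:
            return vlan, dst                     # directly connected
    if default_gw and dst != default_gw:
        hit = route_lookup(default_gw)           # gateway must be connected
        return (hit[0], default_gw) if hit else None
    return None


def accept_client_packet(conn_table, src_ip, src_mac, vlan, vip):
    """Store the ingress VLAN and source MAC with the flow (the 'last hop')."""
    conn_table[(src_ip, vip)] = {"vlan": vlan, "lasthop_mac": src_mac}


def reply_egress(conn_table, client_ip, vip, auto_lasthop=True, default_gw=None):
    """Decide where the response to the client leaves the box."""
    flow = conn_table[(client_ip, vip)]
    if auto_lasthop:
        return flow["vlan"], flow["lasthop_mac"]  # no routing lookup involved
    route = route_lookup(client_ip, default_gw)
    if route is None:
        return None                               # no route: reply is dropped
    return route[0], NEIGHBORS.get(route[1])


def server_initiated_egress(dst_ip, default_gw=None):
    """A new outbound flow has no stored last hop, so only routing can place it.
    (The forwarding virtual server the reply also mentions is not modelled.)"""
    return route_lookup(dst_ip, default_gw)
```

With auto lasthop the stored MAC answers the poster's question; with it off, or for server-initiated traffic, the missing default route is what decides the outcome.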