Forum Discussion
Firewall load balancing
Hello,
Looking for some guidance on how to configure firewall load balancing. I had thought this was a popular thing, but the lack of documentation has me thinking that maybe no one does this anymore. I guess firewalls are generally fast enough nowadays that you don't need to do this, but in my case there are two problems:
1) The firewalls do a lot of application-level stuff which slows them down 2) IPS's are also inline, which aren't nearly as fast
So I need to do firewall load balancing with a couple VIPRION chassis. But I can't for the life of me figure out exactly how to configure the virtual servers so that they're fully transparent. What type of virtual server should be used? A forwarding server doesn't allow me to configure the firewall pool. A standard server isn't transparent -- the F5 appears to terminate the TCP sessions on each interface, which is no good (I just want them passed through).
Any tips would be greatly appreciated!
Hi,
I think
- Performance Layer 4
- All Protocols
- Disable address translation
with the appropriate pool of firewalls should work fine.
- rob_carrCirrocumulus
I think firewall load balancing is less necessary these days as more firewalls cluster.
You need a standard virtual server in order to have load-balancing, but to make it transparent you need to disable address and port translation. You won't see won't see these two options unless you change your configuration view from basic to advanced.
- IheartF5_45022Nacreous
Hi,
I think
- Performance Layer 4
- All Protocols
- Disable address translation
with the appropriate pool of firewalls should work fine.
- IheartF5_45022Nacreousand disable port translation!
- Terry_B_141446NimbostratusThis appears to do the trick. Thanks!
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com