Forum Discussion
forwarding virtual server not forwarding traffic for one traffic-group
Hi, I have some virtual LTMs running as active/active in a HA setup (lab scenario).
I've setup FVS with a wildcard profile per below
now for traffic-group-1 traffic comes in on the fvs and does not output or egress.
for traffic-group-2 it ingresses and egresses which is active on unit 2.
both ltms have a default-gateway set the same and both are on the /common partitions.
I've tried failing over to unit1/2 respectively with exactly the same results.
any ideas?
im running BIG-IP 12.0.0 Build 0.0.606 Final
I know this worked for me before running the exact same setup and OS version so wondering what ive done wrong this time...
thanks in advance
ltm snat snat-outbound-traffic { description snat-outbound-traffic mirror enabled origins { 10.109.0.0/25 { } } translation /Common/10.109.16.1 vlans { traffic-group1-vlan100 } vlans-enabled } ltm snat-translation 10.109.16.1 { address 10.109.16.1 inherited-traffic-group true traffic-group traffic-group-1 } ltm virtual forwarding-virtual-server { description forwarding-virtual-server destination 0.0.0.0:any ip-forward mask any profiles { fastL4 { } } source 0.0.0.0/0 translate-address disabled translate-port disabled vs-index 8
Ok fixed, issue was a global snat rule which i didn't know existed, once deleted the FVS started to forward for TG1.
thanks for the assistance, there's always a reason why!!
- Stanislas_Piro2Cumulonimbus
Hi,
It may be a asymetric routing issue!
Did you create a floating self ip for traffic group 2 used for routing on servers?
- Simon_BlakelyEmployee
Sukhjit,
Can you check the virtual address list ... Local Traffic ›› Virtual Servers : Virtual Address List
Are the 0.0.0.0 virtual addresses correctly defined for each traffic group?
- Simon_BlakelyEmployee
I don't understand what disabling arp/icmp for 0/0 would do?
It is a requirement for 0.0.0.0 listeners. If you don't disable them at the virtual address, the BigIP will reply to any arp/ICMP requests without routing them.
Show me the settings for the 0.0.0.0 virtual address on both LTMs.
Thanks
- sukhjit_hayre_3Nimbostratus
ltm snat snat-outbound-traffic { description snat-outbound-traffic mirror enabled origins { 10.109.0.0/25 { } } translation /Common/10.109.16.1 vlans { traffic-group1-vlan100 } vlans-enabled } ltm snat-translation 10.109.16.1 { address 10.109.16.1 inherited-traffic-group true traffic-group traffic-group-1 } ltm virtual forwarding-virtual-server { description forwarding-virtual-server destination 0.0.0.0:any ip-forward mask any profiles { fastL4 { } } source 0.0.0.0/0 translate-address disabled translate-port disabled vs-index 8
Ok fixed, issue was a global snat rule which i didn't know existed, once deleted the FVS started to forward for TG1.
thanks for the assistance, there's always a reason why!!
- Simon_BlakelyEmployee
Glad you got it working.
- Abe_11636Cirrus
Is auto-map selected for your VIP?
- Stanislas_Piro2Cumulonimbus
@abe : too late! the issue is solved :-)
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com