Forum Discussion

Techgeeeg_28888's avatar
Techgeeeg_28888
Icon for Nimbostratus rankNimbostratus
Dec 20, 2017

Forwarding Virtual Server

Hi Experts,

 

I have a small query related to the IPFWD Virtual Server. As I know IPFWD virtual server uses the default or specific routes defined on the F5 to work. My question is that if I have no routes defined on my F5 LTM unit than the forwarding virtual servers will still work or not?

 

Regards,

 

  • Will still work as long as you have a SelfIP in the target network segment (BigIP is then directly connected). As anywhere else in networking, Directly Connected takes precedence over static and dynamic routes. BigIP will refer to routes only if SelfIP is absent.

     

    • Techgeeeg's avatar
      Techgeeeg
      Icon for Nimbostratus rankNimbostratus

      Hi Hannes,

       

      Thanks for your reply, I got your point and it makes logic that if F5-unit has direct connection in the target network segment the communication will work but if the target network segment is not a directly connected network in that case what will happen does F5 unit only refer to the routes or does it also refer to other forwarding VS that can make this reach-ability possible?

       

      Regards,

       

    • Hannes_Rapp_162's avatar
      Hannes_Rapp_162
      Icon for Nacreous rankNacreous

      I did similar test more than a year ago. Hopefully I recall the details correctly.

       

      Another VS will not be used as a backup. Virtual servers are strictly client-side and only one Virtual Server can match for one connection. If theres a default route in place, then that will be used as last resort. Obviously, default route is unlikely to get the request to right recipient, thus client is more than likely get a connection timeout error (connection drop). If there's no default route to refer to either, then BigIP will respond with TCP RST and client will get a "connection has been reset" error. Outcome for client will be exactly the same as if there were no pool members available for a standard type Virtual Server.

       

  • Will still work as long as you have a SelfIP in the target network segment (BigIP is then directly connected). As anywhere else in networking, Directly Connected takes precedence over static and dynamic routes. BigIP will refer to routes only if SelfIP is absent.

     

    • Techgeeeg's avatar
      Techgeeeg
      Icon for Nimbostratus rankNimbostratus

      Hi Hannes,

       

      Thanks for your reply, I got your point and it makes logic that if F5-unit has direct connection in the target network segment the communication will work but if the target network segment is not a directly connected network in that case what will happen does F5 unit only refer to the routes or does it also refer to other forwarding VS that can make this reach-ability possible?

       

      Regards,

       

    • Hannes_Rapp's avatar
      Hannes_Rapp
      Icon for Nimbostratus rankNimbostratus

      I did similar test more than a year ago. Hopefully I recall the details correctly.

       

      Another VS will not be used as a backup. Virtual servers are strictly client-side and only one Virtual Server can match for one connection. If theres a default route in place, then that will be used as last resort. Obviously, default route is unlikely to get the request to right recipient, thus client is more than likely get a connection timeout error (connection drop). If there's no default route to refer to either, then BigIP will respond with TCP RST and client will get a "connection has been reset" error. Outcome for client will be exactly the same as if there were no pool members available for a standard type Virtual Server.