Forum Discussion

Sat890_341547's avatar
Sat890_341547
Icon for Nimbostratus rankNimbostratus
May 02, 2018

How to configure UDR in Azure for F5 big-ip?

Hi there

 

We have BIG-IP 13.0.0 Build 2.10.1671 running in azure, the vm's are created using the arm template from GitHub

 

I followed the steps in the below doc and configured HA

 

https://devcentral.f5.com/articles/create-a-big-ip-ha-pair-in-azure-27491

 

Now we need to create UDR in azure I've couple of questions

 

The custom route which we create needs to have the tag “f5_tg” on the route name?

 

To create a custom route I need an Address prefix and the next hop address ( Which can be the virtual appliance( BIGIP VE IP ) I’m not sure what needs to be added, is it the internal subnet () for the address prefix and the IP of the secondary BIGIP server for the next hop address

 

Azure
cloud
LTM
  • Kayal_325964's avatar
    Kayal_325964
    Icon for Nimbostratus rankNimbostratus
    Aug 19, 2018

    We opened a case with F5 and they are not able to give right answer.. its bad

     

  • Jeff_Giroux's avatar
    Jeff_Giroux
    Icon for Cirrus rankCirrus
    Dec 03, 2019

    --update, managed route no longer included in newer templates--

    The managedRoute range is the VIP range you want pointed to the F5. Assuming you want to assign 192.168.1.0/24 as a VIP range to your F5, an example would be as follows:

     

    1. Deploy F5s via ARM template
      1. Include “managedRoute” subnet when deploying template (e.g. 192.168.1.0/24)
    2. Create Azure new Route Table
    3. Then create new route for 192.168.1.0/24 network, next hop active F5 self IP address
    4. Add required tags to route table
    5. Associate route table with required subnets
    6. Test failover

     

    https://github.com/F5Networks/f5-azure-arm-templates/tree/master/supported/failover/same-net/via-api/n-nic/existing-stack/payg

     

    For specific Azure steps, you need to...

    1. Create new route table (or adjust existing)
    2. Add new route
    3. address prefix = VIP range = my example 192.168.1.0/24
    4. next hop = virtual appliance
    5. next hop address = the active F5 self IP address receiving traffic
    6. Save
    7. Now back at main route table, add tags
      1. add tag f5_cloud_failover_label with a custom value (ex. "mydeployment")
      2. add tag f5_cloud_failover_nic_map with a value that matches on both BIG-IPs (ex. "external")
      3. *example, your values might be different if you customized
    8. Associate new route table with your subnet(s)

     

    You might ask what is the IP address for step #5. This depends on your setup. In a one-arm setup, the F5 only has one way in/out. It's that self IP of the active unit. If you are in a two-arm setup and participating in an external and internal link, then your next hop will be either the external self IP or the internal self IP. Again, depends on your design and routing.

  • Jeff_Giroux_F5's avatar
    Jeff_Giroux_F5
    Ret. Employee
    Jul 07, 2020

    Correction to tags...

    Correct tags to use can be found here - https://clouddocs.f5.com/products/extensions/f5-cloud-failover/latest/userguide/azure.html#tag-your-azure-network-infrastructure-objects

     

    Therefore, steps will be as follows:

    For specific Azure steps, you need to...

    1. Create new route table (or adjust existing)
    2. Add new route
    3. address prefix = VIP range = my example 192.168.1.0/24
    4. next hop = virtual appliance
    5. next hop address = the active F5 self IP address receiving traffic
    6. Save
    7. Now back at main route table, add tags
      1. add tag f5_cloud_failover_label with a custom value (ex. "mydeployment")
      2. add tag f5_cloud_failover_nic_map with a value that matches on both BIG-IPs (ex. "external")
    8. Associate new route table with your subnet(s)