Forum Discussion
InfraOps
Nimbostratus
NimbostratusIs a Dedicated Interface, VLAN, and Self IP Required for a VIP in an F5 Configuration?
Hi All,
We have a Red Hat Satellite server (repository), and the client servers need to connect to it via the VIP. The pool members are the Satellite Capsule servers.
The Capsule servers communicate directly with the Satellite server, but the clients should only connect to the Capsule servers through the VIP.
Current Configuration:
- Two Capsule servers (pool members) are in one subnet, while the other two are in a different subnet.
- The VIP is in a different subnet than both the Self IPs and the pool members.
Questions:
- Is it correct that we need two Self IPs because the pool members are split across two different subnets?
- Does the VIP require its own dedicated interface, VLAN, and Self IP?
- The pool members, Self IP, and VIP cannot be in the same subnet as the management interface, correct?
Hi InfraOps,
About your questions:
- Is it correct that we need two self-IPs because the pool members are split across two different subnets? Yes, you need three IPs for non-floating and floating IPs in each VLAN.
- Does the VIP require its own dedicated interface, VLAN, and Self IP? No, you could use a LAG connection and tag both VLANs, but the Vlans must be differents same than the Self-IPs
- The pool members, Self IP, and VIP cannot be in the same subnet as the management interface, correct? No, it can´t, The management plane is separated from the data plane.
I hope it works.
- zamroni777
Nacreous
f5 is just like server.
it can have only 1 ip address to connect to many destination as long as having correct routing config in itself and next hop router.if your f5 is HA pair, you need at least 3 ip for each configured subnet: self IP of F5A, self IP of F5B, and floating ip of f5 pair.
1. Is it correct that we need two Self IPs because the pool members are split across two different subnets?
No. With correct ip routing config, 1 floating ip can be adequate if it can connect to multiple subnets using this 1 ip.2. Does the VIP require its own dedicated interface, VLAN, and Self IP?
No.
Just like server or even windows laptop , you can have 1 arm config that multiple VIP, self and floating IP of multiple subnets attached to 1 VLAN/1 interface.3. The pool members, Self IP, and VIP cannot be in the same subnet as the management interface, correct?
Correct. control plane (mgmt) must be in different subnet than data plane (vips, selfs, floatings) 
InfraOpsThis is my setup: the VIP is in a separate subnet from the Self-IPs, the management interface, and the pool members. To handle this configuration, I have two VLANs and corresponding Self-IPs because the pool members are split across two different subnets.
We are not using HA in this setup; failover will be done manually for now to keep things simple.
Currently, the F5 Main is set to act as the active node. However, we are facing challenges with the VIP configuration. My question is: would it be better to create two pools, one for each subnet, or can I use a single pool with all four members (two from each subnet)?
Additionally, do I need to explicitly connect the VIP to the VLANs and Self-IPs to route traffic correctly? Should I also use SNAT to ensure proper communication between the pool members and clients?
Does this configuration work as described, or are there better recommendations for achieving this setup?
