Forum Discussion
InfoSec_38553
Nimbostratus
NimbostratusIs possible to get muti floating IP?
Hello,
It hard for me to explain my issue this why I explain it twice. I hope it will be clear and asked for any more clarify.
I'm working to let our F5 able to connect with different destinations.
According to our need I should let F5 connect with different floating IP, but same zone of the first floating IP.
For example:
I have myvlan and the following self IP:
10.0.10.11
10.0.10.12 as floating
I need another floating to work with myvlan2 such as:
10.0.10.13 as floating
When I tried to do that the following error appears:
01070354:3: Self IP 10.0.10.13 / ***.***.***.***: This network is defined on two vlans (myvlan and myvlan2)
Is it possible to set multi floating each one in different interface for same netwrok?
Do you have another way to do this? I didn't want to create different network IP if possible.
--------------------------------------------------------------------------------------------------------
For more explanation:
F5 go out to end servers by public IP.
We have two public IP for different service, when F5 goes out it should have one of these IPs.
example public IP:
- 212.212.212.222
- 212.212.212.333
To assign F5 floating IP to public IP (using NAT) it couldn't assign it with two IPs
We can't assign 10.0.10.12 to get 212.212.212.222
and same time 10.0.10.12 to get 212.212.212.333
my solution was to set 10.0.10.12 to get 212.212.212.222
and assign 10.0.10.13 to get 212.212.212.333
After that the following message appears:
01070354:3: Self IP 10.0.10.13 / ***.***.***.***: This network is defined on two vlans (myvlan and myvlan2)
Maybe the solution to get another IP with different network, but I don't prefers this one.
Note:
10.0.10.12 member of myvlan
10.0.10.13 member of myvlan2
and I used myvlan2 with different interface than myvlan.
Please guide me.
L4L7_53191Have a look at route domains (assuming you're on 10.x): http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos_management_guide_10_1/tmos_route_domains.html?sr=13101146
-Matt- Chris_Miller
Altostratus
Can you elaborate on "two public IP for different service?" If you're not in the mood for route domains, an iRule might be an option. Or, if you're trying to use different public addresses for different outbound ports, then you could simply create separate Virtual Servers with separate SNAT Pools. Just need to understand more about what you're going for. - InfoSec_38553Posted By L4L7 on 03/05/2011 10:47 AM
Have a look at route domains (assuming you're on 10.x): http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos_management_guide_10_1/tmos_route_domains.html?sr=13101146
-Matt
Hi,
I tried with route it use three options:
- Getway
- Pool
- Vlan
I can't use any of them.
If I tried assign 10.0.10.13 (new floating IP) to mylan2 which use different interface.
If route had more feature for Interface would be very helpful for my.
Thank you. - InfoSec_38553Posted By Chris Miller on 03/05/2011 10:54 AM
Can you elaborate on "two public IP for different service?" If you're not in the mood for route domains, an iRule might be an option. Or, if you're trying to use different public addresses for different outbound ports, then you could simply create separate Virtual Servers with separate SNAT Pools. Just need to understand more about what you're going for.
My problem maybe will be solved if I used different IP from different network and assign it to different vlan.
to be clear I mean by Nat firewall Nat.
The firewall will Nat F5 self floating IP to public IP to connect with out side or public service.
As you know I can't assign same IP when I use Nat (in firewall).
I will explain again.
I have two service from two VIP each one should be translate to different IP address to be possible to use Nat from the firewall.
My VIPs:
10.0.10.11 port 80
Another VIP:
10.0.10.11 port 222
I want the first VIP got out with IP:
10.0.10.12 (floating IP)
And the second VIP go out with IP:
10.0.10.13 (floating IP)
Note:
I have two device as (Active and Standby) this why I need use floating.
Is it OK to create two floating IP or not possible?
Thank you all - Chris_MillerI don't understand why you should have to use a floater here. Why not create a SNAT Pool with 10.10.10.12 as the only member and configure your 10.10.10.11:80 Virtual Server to use that SNAT Pool. Then, create a SNAT Pool with 10.10.10.13 as the only member and have your 10.10.10.11:222 Virtual Server use that SNAT Pool?
- InfoSec_38553Posted By Chris Miller on 03/06/2011 06:26 AM
I don't understand why you should have to use a floater here. Why not create a SNAT Pool with 10.10.10.12 as the only member and configure your 10.10.10.11:80 Virtual Server to use that SNAT Pool. Then, create a SNAT Pool with 10.10.10.13 as the only member and have your 10.10.10.11:222 Virtual Server use that SNAT Pool?
Hi Chris,
This what I really did it for now.
It is working fine like what I want.
Thank you all. - Chris_MillerPosted By InfoSec on 03/07/2011 03:12 AM
Posted By Chris Miller on 03/06/2011 06:26 AM
I don't understand why you should have to use a floater here. Why not create a SNAT Pool with 10.10.10.12 as the only member and configure your 10.10.10.11:80 Virtual Server to use that SNAT Pool. Then, create a SNAT Pool with 10.10.10.13 as the only member and have your 10.10.10.11:222 Virtual Server use that SNAT Pool?
Hi Chris,
This what I really did it for now.
It is working fine like what I want.
Thank you all.
Very happy to see it's working. This is a great example where an iRule definitely would have worked but may not have been the best option. As I've often heard from F5 folks - "If there's a check-box or a dropdown option, use it before an iRule as that's likely the most efficient option."
