Forum Discussion

chungyu_16122's avatar
chungyu_16122
Icon for Altostratus rankAltostratus
Feb 05, 2019

Load Balancer Traffic Design without using Self IP

Hi everyone

 

I would like to know if anyone has used a setup that has one large subnet as an outside Vlan (for service VIP's) and it routes to all the different server vlans. Typically, we setup all the server vlans with Self Ip and Floating IP and then use the automap feature to move the traffic.

 

In this traditional model, we need to always reserve self IP and float IP in the vlans where the servers are built and to allow firewall rules for these IP and the subsequent "Outside" IP.

 

Is there a design where we can just have the traffic route to the servers? When I do not have a self IP for the vlan, it seems to just send the traffic via the default route.

 

Thanks

 

Chung

 

application delivery
LTM
  • Amy003_314955's avatar
    Amy003_314955
    Feb 05, 2019

    I have this type of setup where there is no self-ip on the LTM and it works perfectly fine. Reason - All the IP addresses (VIP, Pool members) are advertised in the same routed protocol. I have not come through any issue with this design. It's configured in one arm mode and also uses snat pool.But on F5, you will have to set a default route for reverse traffic.

     

  • Amresh008's avatar
    Amresh008
    Icon for Nimbostratus rankNimbostratus
    Feb 05, 2019

    I have this type of setup where there is no self-ip on the LTM and it works perfectly fine. Reason - All the IP addresses (VIP, Pool members) are advertised in the same routed protocol. I have not come through any issue with this design. It's configured in one arm mode and also uses snat pool.But on F5, you will have to set a default route for reverse traffic.

     

    • chungyu_16122's avatar
      chungyu_16122
      Icon for Altostratus rankAltostratus
      Feb 06, 2019

      Hi

       

      Thanks for the response, are your servers pointing to the router as the default gateway and when the servers respond, is the traffic returning tot he the snat pool address?

       

      Regards

       

      chung

       

    • Amresh008's avatar
      Amresh008
      Icon for Nimbostratus rankNimbostratus
      Feb 06, 2019

      The servers are all part of the L3 vlan and they have the corresponding default gateway. The snat pool comes in picture for the incoming traffic and not the outgoing traffic.

       

  • Amresh008's avatar
    Amresh008
    Icon for Nimbostratus rankNimbostratus
    Feb 05, 2019

    I have this type of setup where there is no self-ip on the LTM and it works perfectly fine. Reason - All the IP addresses (VIP, Pool members) are advertised in the same routed protocol. I have not come through any issue with this design. It's configured in one arm mode and also uses snat pool.But on F5, you will have to set a default route for reverse traffic.

     

    • chungyu_16122's avatar
      chungyu_16122
      Icon for Altostratus rankAltostratus
      Feb 06, 2019

      Hi

       

      Thanks for the response, are your servers pointing to the router as the default gateway and when the servers respond, is the traffic returning tot he the snat pool address?

       

      Regards

       

      chung

       

    • Amresh008's avatar
      Amresh008
      Icon for Nimbostratus rankNimbostratus
      Feb 06, 2019

      The servers are all part of the L3 vlan and they have the corresponding default gateway. The snat pool comes in picture for the incoming traffic and not the outgoing traffic.

       

  • Amy003_314955's avatar
    Amy003_314955
    Icon for Cirrus rankCirrus
    Feb 05, 2019

    I have this type of setup where there is no self-ip on the LTM and it works perfectly fine. Reason - All the IP addresses (VIP, Pool members) are advertised in the same routed protocol. I have not come through any issue with this design. It's configured in one arm mode and also uses snat pool.But on F5, you will have to set a default route for reverse traffic.

     

    • chungyu_16122's avatar
      chungyu_16122
      Icon for Altostratus rankAltostratus
      Feb 06, 2019

      Hi

       

      Thanks for the response, are your servers pointing to the router as the default gateway and when the servers respond, is the traffic returning tot he the snat pool address?

       

      Regards

       

      chung

       

    • Amy003_314955's avatar
      Amy003_314955
      Icon for Cirrus rankCirrus
      Feb 06, 2019

      The servers are all part of the L3 vlan and they have the corresponding default gateway. The snat pool comes in picture for the incoming traffic and not the outgoing traffic.

       

  • Erik's avatar
    Erik
    Icon for Nimbostratus rankNimbostratus
    Feb 07, 2019

    Hi, I have a setup that uses this. Have a front-end VS with a public IP and with selection in iRules it send the traffic to a back-end VS. This back-end-VS is APM enabled and are configured with private IPs that does not have any Self-IPs. The back-end VS then communicate with pools. Works perfectly.

     

    Regards Erik

     

  • SWJO's avatar
    SWJO
    Icon for Cirrostratus rankCirrostratus
    Feb 07, 2019

    Hi

     

    The best solution for your question is DSR(direct server return).

     

    exactly L3 N Path Routing.

     

    But there is limit on this topology.

     

    Regards,