Forum Discussion
Ganesh_Balasubr
Nimbostratus
NimbostratusLoadBalance between the 2 Virtual IP via 3rd Virtual IP
I'm new to LoadBalancer thing and trying to sort out a problem. We have users from 2 different region accessing application server. Say User from Region A will access server via VIP 10.223.9.x and user from Region B via 10.223.11.x VIP. I want have all the user accessing same VIP and LoadBalance between two VIP. I can create new VIP "10.223.30.x" and all the user will be accessing this one and let the BigiP load balance between two Virtual IP. Is it possible to do that, if so how can I accomplish this?
13 Replies
- nitass
Employee
you can create pool with 2 members; 10.223.9.x and 10.223.11.x. then create virtual server listening on 10.223.30.x and assign the pool to it. 
Ganesh_BalasubrI've tried that, but it's not working to me. I created a new pool and added VIP's 10.223.9.x and 10.223.11.x in a POOL. Then created a new virtual IP and gave this as Default Pool. When I try to connect to server from new VIP, it's not getting me the page and states page cannot be displayed.
I suspect the problem is between the External and Internal VLAN configuration. In my LB, the external VLAN ip is 10.223.9.x series which is exposed to external users and internal is 192.168.x. All my servers are installed and running in this internal ip series only. So when I access through single VIP, which in turn directly contacts the server (through default pool) hence renders the page. But when I bring in additional VIP and add the VIP's as default pool to it, it's not working.
In order to verify, I had my server installed in 10.223.9.12 series itself. In the LB created a VIP 10.223.9.212 and added this node to it. When I access 10.223.9.212 it doesn't brings me the page. So will BIG ip will not work when server installed in External ip VLAN- nitassdid you enable snat automap under virtual server setting?
- Ganesh_BalasubrI've left the SNAT Pool to default NONE. I'm setting it to Automap now. Can you tell me what it does?
- nitassCan you tell me what it does?without snat, when bigip sends traffic to pool member (server), source ip won't be changed. if pool member's default gateway is not bigip or pool member and client are in the same subnet, pool member will response client directly which could cause an issue since client would expect response from virtual server ip instead of pool member ip.
anyway, please let us know if it still doesn't work. - You cannot use a virtual as a pool member on the same BigIP LTM. (though the GUI allows it)
Even if it did work, you would still have to have everyone change their DNS entries to point to the third virtual. I don't see the benefit.
If it is the backend pools you are concerned about, use an irule like this on one of the virtuals, and only have one region change.
when CLIENT_ACCEPTED { if { [IP::remote_addr] starts with "10" } { pool regionA_pool } else { pool regionA_pool } }
If you must LB between virtuals, then use something like this iRule on one of the virtuals:
use the "virtual" command: https://devcentral.f5.com/wiki/iRules.virtual.ashx
when CLIENT_ACCEPTED { if { [IP::remote_addr] starts with "10" } { virtual regionA_virt } else { virtual regionA_virt } }
HTH. - Ganesh_BalasubrHi Nitass,
After setting Snat to AutoMap I'm able to access the pages from server which is in same ip series as of external ip configured in LoadBalancer.
Thanks a lot for the tips. - Ganesh_BalasubrJohn,
As you pointed, If I create a Pool of VIP and add it to another Virtual IP (as Global IP) pages are not rendering. I'm able to access the page only if I access the VIP directly. My scenario or requirement is like this
We have users across Geography, like we have users accessing server from California, NewYork, Chicago and so on. We have one BackEnd server with multiple Application/FrontEnd server which users will be connecting. Users from california wil be accessing VIP say 10.223.9.225, new york users VIP is 10.223.11.x and Chicago users VIP is 10.223.30.x. Our condition is to have all the users access same address which is GLOBAL VIP and route the traffic to this VIP, so if chicago server is down they can still reach to california or Newyork since everyone accessing GLOABL VIP, also when people travel they don't need to change the address.
Currently, I'm not able to access the page from Global or the 3rd VIP. All the servers and client where in kind of same subnet, so I cannot create rule based on IP.. All I need is to access these VIP's in a roundrobin fashion through common VIP or by any means.
I appreciate all your help on this - Ganesh
If i understand this correctly:
1) you have a server in each data center.
2) you have a BIGIP LTM in each data center and they each have a corresponding VIP.
3) Users now connect to their local VIP.
You need to think about hostnames, not IP addresses:
globalApp.company.com will translate, via DNS, to three different IP addresses in three different datacenters. You DNS servers pass all three IP addresses to the browser in a round robing fashion. The browser will try first, then second, then third.
Having said that; that would be poor-man's GSLB.
The better and more flexible way of dealing with this is to use the F5 GTM. It will give you a lot of capabilities. Get in touch with your F5 Field Sales Engineer and he/she will draw out a complete solution.
What do you mean by , all users are on the same subnet? What about when they are traveling?
John - Ganesh_BalasubrJohn,
I've been using it with DNS but as you said, it's not of great help. That's why I'm trying to see if can LoadBalance or shape the traffic in RoundRobin method within LoadBalancer. Since we are trying this in our test environment, can't afford GTM for that.
Points you mentioned as 1, 2, 3 is what exactly I want to replicate inhouse or in my lab. Since I'm trying this in my lab, all my client and server machines were in same subnet. What I meant travelling is, some users working in Chicago office will be accessing server by GlobalIP which will inturn redirect to Local LoadBalancer in chicago based on the region. Same user, when travelled to NewYork or California will be accessing the application by GlobalAddress but at that time, it should route the traffic to Local LoadBalancer in that region and not to Chicago which is user region.
Instead of GTM, I've put two LoadBalancer in my test environment now, where the 2nd one will act as my Global LoadBalancer. In the 2nd one, I've added the 2 VIP from other LoadBalancer as Node and created a GlobalVIP. Added those 2 node in to the Global VIP and set SNAT to AutoMap. Though I'm able to ping all the VIP from my new LoadBalancer (serving as Global), not able to access my webpage VIA Global IP.
I'm not sure on how to proceed further and stuck at this point. I'm trying to replicate some customer issues with this setup and can't work on this till I get this configuration resolved. I appreciate all your help on this
