Forum Discussion

flitz_29934's avatar
flitz_29934
Icon for Nimbostratus rankNimbostratus
Apr 19, 2011

LTM : virtual server in different subnet than a vlan --> possible

Hi everybody,     I'm not able to test it in short term so I'm wondering if the following design can work ?     I would like to know if the Virutal Server (VS) can be set in a subnet not k...
config
design
David_24361's avatar
David_24361
Icon for Nimbostratus rankNimbostratus
May 04, 2011
Hi jonathan, thanks for your reply :)

 

 

 

So the situation is like this:

 

 

 

 

Router 1 (10.3.11.66) -----------|

 

* |--------------- bigip1 (10.3.11.71)

 

* HSRP (10.3.11.65) |

 

* | floating ip 1 (10.3.11.73)

 

* | floating ip 2 (10.3.11.74)

 

Router 2 (10.3.11.67) -----------| add virtual server 10.4.0.10:8080

 

* |

 

* |---------------bigip2 (10.3.11.72)

 

* |

 

 

on the bigip bigip1 and bigip2 (both of the bigips are synced), I add the virtual server 10.4.0.10 (it is outside of the subnet range 10.3.11.x)

 

on the router 1, i put ip route 10.4.0.10/32 next-hop it floating ip 1 (10.3.11.73)

 

on the router 2, i put ip route 10.4.0.10/32 next-hop it floating ip 2 (10.3.11.74)

 

 

we have nothing configured on the Routes section on the bigips. However, we put on the virtual server 10.4.0.10:8080, on the Last Hop Pool setting, a pool containing 10.3.11.65:0 as member.

 

 

I suspect the packet is looped between the routers and the bigips. when i run a trace from some cloud before the routers, it indicates the packets from the routers is being forwarded to bigips. but from bigips, the packet is returned back to the routers, and so on until i got this error:

 

 

Tue May 3 01:13:03 WIT 2011 local/tmm crit tmm[2483] 01010201 Inet port exhaustion on 10.3.11.74 to 10.4.0.10:3128 (proto 6)

 

Tue May 3 01:13:03 WIT 2011 local/tmm info tmm[2483] 01010201 Per-invocation log rate exceeded; throttling.

 

Tue May 3 01:13:05 WIT 2011 local/tmm1 info tmm1[2484] 01010201 Resuming log processing at this invocation; held 50 messages.

 

 

for the snat pool setting, we are using the snat pool of these members: 10.3.11.43 and 10.3.11.74. the snat pool is being applied to the virtual server using an irule like this:

 

 

when CLIENT_ACCEPTED {

 

set local_nets 0

 

if { [class match [IP::local_addr] equals local_networks] }{

 

set local_nets 1

 

} else {

 

set local_nets 0

 

}

 

snatpool snat-Pool-to-Mobile

 

if { $local_nets equals 0 } { pool mobile_pool }

 

}

 

 

 

pool mobile_pool contains 10.3.11.65:0

 

 

 

 

I also tried to change the snat pool settings, but I got this error in return:

 

 

Tue May 3 03:03:57 WIT 2011 local/tmm warning tmm[2483] 01190004 address conflict detected for 10.3.11.74 (00:01:d7:be:f4:05) on vlan 4000

 

Tue May 3 03:03:57 WIT 2011 local/tmm warning tmm[2483] 01190004 address conflict detected for 10.3.11.74 (00:01:d7:be:f4:05) on vlan 4000

 

 

 

 

ok Jonathan, i hope this can get you a brief overview about the problem we have, thanks a lot, really hope u can help us :)

 

 

 

thanks,

 

 

 

David