Forum Discussion

andy_12_5042
May 11, 2011

LTM Bridge Versus Route Mode

I can't seem to find any good documents on the specific design of these 2 options with the LTM. I thought I understood both, as I have been working for several years on F5s and have had 2 separate types of designs.

Can someone either point me to documentation that explains both options in detail or give a summary definition of both?

I have been in these 2 scenarios:

1) What I assumed is bridge. No forwarding servers, and all the backend servers were using the floating IPs as gateway. We were using SNAT.

2) Route mode. Every VLAN had a virtual forwarding server in/out and all traffic was sent over a single L3 gateway on the LTM. On the router side, there were routes sending everything L3 to the LTM. The backend nodes used the LTM self-IPs in the same VLAN as gateway (still using SNAT).

I have read a couple of things that don't quite match this. I just want to get some clarity, as I need to decide on a new design for a different network soon.

Thanks for any help

Andy

4 Replies

  • Andy,

    Take a look at the manual, http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm_implementation/sol_vlans.html1062182. There are a couple of diagrams there, which unfortunately come across very fuzzy, at least to me. In bridge mode, there is a flat network, say 10.0.0/24, using the manual as the example, and the servers being load balanced, the LTM, and the default gateway for the network are all on the same subnet. The router for the network is 10.0.0.2 and the LTM is at 10.0.0.5. The servers are at 10.0.0.3 and 10.0.0.4. The LTM is NOT going to be the gateway for the servers, the router is. They are in the same L2 broadcast domain.

    Your scenarios 1 and 2 are both L3 routed mode. Once upon a time (v4 days), you did not have to have a forwarding virtual server, and SNAT would take care of outbound connections (or inbound as the case may be) to and from the servers across the LTM.
  • Hmm, OK, interesting. So in my scenario 1, this was back in 9.2 days and it's been a while since doing that... So are you saying that you have to use forwarding servers now regardless? Thanks for the URL reference, I will go over that as well.

  • Am I correct that node-originated traffic (non-load balanced) would require a forwarding server to handle the outbound NAT? I believe without this, for example if you assigned a SNAT pool at the VIP level, the LB return traffic from server to client would work fine but server (LTM node) originated traffic would not be NAT'd outbound?

  • Yes, you will need a forwarding virtual server in a routed mode, in order for non-load balanced traffic to "route through" the LTM. For a server to go outbound, you will need a forwarding VS with SNAT automap turned on, or NAT set up for that particular node.
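
The forwarding virtual server with SNAT automap described in the last reply, sketched as tmsh configuration. This is an added example, not part of the original thread: the object name `vs_outbound_forward`, the VLAN name `internal` and the 10.0.0.0/24 server subnet are assumptions, and it assumes a BIG-IP version whose tmsh supports the `source` and `source-address-translation` properties on virtual servers.

```tmsh
# Constructed example: names, VLAN and subnet below are assumptions.
#
# Wildcard IP-forwarding virtual server for node-originated (non-load-balanced)
# traffic. It matches any destination and port, performs no load balancing,
# and only routes packets through the LTM.
#
# Scoping matters here: a wildcard forwarding virtual server listening on every
# VLAN turns the LTM into an open router between all attached networks.
#   - "vlans-enabled" + "vlans add { internal }" accepts traffic only from the
#     server-side VLAN.
#   - "source 10.0.0.0/24" accepts traffic only from the server subnet.
#   - "source-address-translation { type automap }" rewrites the source to a
#     self IP on the egress VLAN, so return traffic comes back through the LTM.
create ltm virtual vs_outbound_forward destination 0.0.0.0:any mask any source 10.0.0.0/24 ip-forward source-address-translation { type automap } vlans-enabled vlans add { internal }

# Review the result: confirm the VLAN restriction and source filter are present
# before saving the configuration.
list ltm virtual vs_outbound_forward
```

The same restriction applies to the alternative the reply mentions: a NAT for a single node exposes only that node, whereas a forwarding virtual server covers everything its source and VLAN filters admit.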