Ltm::Virtual Server: IPForwarding

Question

Hello,&nbsp;
What is the Ltm::Virtual Server: IPForwarding virtual server  shown on the output of "show ltm virtual all". (there is also a  IPForwardingV6)&nbsp;
The story begins because we are seeing spikes of 10k in the number of connections every 15 min or so. Since the graph on Overview =&gt; Performance is an aggregate, we moved to poll stats over snmp to get the number of connections per virtual server.&nbsp;
to my surprise all virtual servers are ok expect the IPForwarding where i see the actual spikes. What traffic is treated by this virtual server? It doesnt seem to be the sum of all virtual servers but rather a different traffic.&nbsp;
cat /etc/issue
BIG-IP 11.6.0 Build 0.0.401
Kernel \r on an \m&nbsp;
thanks
evelio&nbsp;

tj_vreugdenhil · Answer

"A Forwarding (IP) virtual server forwards packets directly to the destination IP address specified in the client request. A Forwarding (IP) virtual server has no pool members to load balance." So basically this turns your F5 into a router and unless you have a traffic filter configured, it sends the packets you have in the destination VIP based on the routes you have on the F5. &nbsp;
I see a lot of clients configure a wildcard forwarding VIP with destination 0.0.0.0:0 which allows any protocols through, IP, TCP, UDP, etc. Some clients configure a forwarding VIP in combination with a route friendly fastl4 profile to allow asymmetric routing. Other use it simply to all ICMP, traceroute, and other protocols that they don't want to just block at the F5. &nbsp;
https://support.f5.com/kb/en-us/solutions/public/14000/100/sol14163.html&nbsp;
https://support.f5.com/kb/en-us/solutions/public/7000/500/sol7595.html&nbsp;
You can figure out what traffic is going through the F5 during these spikes by running a tcpdump and using the wireshark summary page to get a statistics for what kinds of traffic are occurring. You can set the snaplen to a lower value to not capture as much of the payload so your capture will not be huge... &nbsp;
tcpdump -vvv -nni any:nnnp -s 100 -w everything.pcapng&nbsp;
Also what is the destination IP and port of your forwarding VIP? Is it 0.0.0.0:0? &nbsp;

Forum Discussion

Ltm::Virtual Server: IPForwarding

1 Reply

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

CPU utilization of F5OS on r2600

F5OS VLAN naming length restrictions

SSL cipher

iApps with load ucs Platform-migrate on newer hardware

Raise your hand if you'll be at AppWorld 2026

Related Content

iControl REST Cookbook - Virtual Server (ltm virtual)

Virtual Server graphical App for F5 LTM

iControl REST Cookbook - Virtual Server Profile (LTM Virtual Profiles)

List LTM virtual server availability states

GTM not discovering LTM Virtual Server

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS