Forum Discussion

awan_m's avatar
awan_m
Icon for Cirrostratus rankCirrostratus
Feb 22, 2024

Management Route and Pool members

Hi - 

i have have a VIP that is the front of Network Management Software(NMS)  - meaning the pool members are NMS servers .

that part works fine - and the pool members are UP -

but i also need to run scp command copy ucs file to the NMS server - and that does not work .

the F5 uses its self IP to scp to NMS which is not allowed . but management ip is allowed to ssh to NMS.

so if i put a management-route in the pool starts FAILING health checks . and if i remove the management route . scp does not work.

what would be the best way - other than allowing the self IP to ssh/scp to NMS.

thanks 

  • awan_m You are in a situation where you have asymmetric routing and you have 3 options.

    1. Add an additional NIC on the NMS servers that reside in a different subnet and then add a route to the management interface of the F5 for the subnet the new NICs are in.
    2. Add additional IPs to the NMS servers in the same subnet that they currently have IPs for and add routes for each IP to the management interface of the F5 and then use those new IPs for SSH/SCP.
    3. Choose to either balance traffic to the NMS servers or SSH/SCP to the NMS servers leave it be.