Forum Discussion
NimbostratusMonitor config - 2 ISPs - Balancing only outbound traffic
Dears,
We are using BIG-IP LC and we now have only outbound traffic being implemented. We have 2 ISPs - ISP-01 - ISP-02
Created 2 nodes, ISP01 and ISP02, created Pool called links_internet, put them as members, and created a VS_OUT with this pool, and src/dest. any/any, auto-map... LB method I am testing ratio (member) w/ 2 for 1 to ISP-01...... everything works fine, IF both ISPs are UP.
How is the best way to monitor both ISP links?
I am facing problems when ISP01 goes down... I already did many tests w/ monitors but BIG IP always see ISP01-link UP! So, some users can access internet, other users are being dropped...
Already tested: link controller > monitor > created monitor, w/ type BIG-IP Link, w/ Alias Address pointing to 1st hop into ISP cloud.
Even if I turn the internet router OFF, big ip still believes link is UP.... :(
Thanks in advance!!
10 Replies
Cory_50405Noctilucent
The link may not be going down because the 1st hop into ISP1 could still be reachable via ISP2. Is there a better target for your monitor with ISP1, one that is only reachable via ISP1?
fabiogarcia_145Exactly... this is the main problem I guess... I was wondering maybe if there is a way to force BIG IP to reach that ISP IP only via that link (which was down) so it would recognize that link down....
Already tried to do some routes at network > routes, pointing to ISP-01 IP itself, pointing to ISP-01-Pool.... but nothing worked...
anyway thanks!!
- Cory_50405
Maybe your ISP can provide a router loopback or some locally connected network that exists/is routable just between your network and theirs. Perhaps on the network where BGP peering is done?
Henrik_GyllkranThe feature to use in this scenario is a parameter in the monitor called "Transparent". This is used in combination with specifying an Alias Address and Alias Service under Advanced properties so that you specify an end destination out on the Internet. What Transparent does is that the monitor will be sent to the Alias Address and port but the destination MAC will be the MAC address of each pool member. So the BIG-IP will try to reach the end destination through each router.
It might be a good idea to specify a couple of these monitors with different end destinations and set the Availability Requirement on the pool to be at least one monitor, in case any of the servers that you define as Alias Address and Port becomes unavailable.
- fabiogarcia_145
Hello everyone! Thanks for all!! Please find below my topology...
BIG-IP box 01 (100.100.100.2) needs to monitoring ISP-01 (40.40.40.1) thru Router-01 (GW 100.100.100.1. The main problem is when "ISP-01 LINK" goes DOWN, BIG-IP can reach 40.40.40.1 thru ISP-02.
Tried also a route ip 40.40.40.1 thru GW 100.100.100.1, no joy... route thru Pool_ISP01, no joy...
Is this the best scenario for a transparent ICMP config? How can I do that ?
Thank you very very much!!
- Cory_50405I'm not sure transparent monitors are the answer. Based on what Henrik said about using MAC address, that won't be relevant here as you are going through multiple router hops to get to the address that you'd want to monitor. In other words, you aren't testing transparent network devices.
- Cory_50405After reading Henrik's response again, transparent monitors should work. Please ignore my previous ignorant response. :) Using the same transparent ICMP monitor(s) for both of your ISP nodes should work. As Henrik said though, best to setup multiple monitors and set the availability to mark the nodes up if at least one of the monitors is succeeding.
- Henrik_Gyllkran
Transparent certainly is the answer, the point is that transparent sends the monitor traffic with each pool member as "next hop". The number of router hops after that doesn't matter. As for the actual implementation there is no need to monitor each router with a unique monitor, you could but wouldn't you rather know that you can reach something through both routers? That's the very point of ISP load balancing after all.
So create a monitor and decide on something to be the end destination and put that as the Alias under Advanced properties and check Transparent. Assign that to the pool and you're done. And as I said, consider having multiple monitors and change the availability requirement.
- fabiogarcia_145
Hello Guys,
Indeed that config worked!!
I have created a monitor w/ type icmp_gateway w/ alias 8.8.8.8 and transparent ON. But at documentation (LTM Essentials) I saw the recommendation typo should be "Big IP Link".
Do you guys have any concerns about that ?
Below the monitors I am using
And also this one for Link Controller
- Cory_50405These monitors you have applied will work just fine.
