Multi L3DSR traffic handling

Hi guys.

I have question regarding Multi L3DSR using SDN license.

client -> L4-1

s VIP -> L4-2

s VIP -> Server.

all of topology is L3DSR, using encapsulation IPIP.

this is L4-1`s configuration

ltm virtual /Common/VS_10.10.10.10-80-L3DSR { destination /Common/10.10.10.10:80 ip-protocol tcp mask 255.255.255.255 pool /Common/P-10.10.10.10-80-L3DSR_check_10.10.10.10 profiles { /Common/L3DSR-TCP-Profile { } } source 0.0.0.0/0 translate-address disabled translate-port disabled } ltm profile fastl4 /Common/L3DSR-TCP-Profile { app-service none defaults-from /Common/fastL4 hardware-syn-cookie disabled idle-timeout 300 loose-close enabled pva-offload-dynamic disabled tcp-handshake-timeout 10 } ltm pool /Common/P-10.10.10.10-80-L3DSR_check_10.10.10.10 { members { /Common/20.20.20.4:80 { address 20.20.20.4 ---> this is L4-2`s self IP. } } monitor /Common/M-10.10.10.10-HTTP-80-L3DSR profiles { /Common/ipip } } ltm monitor tcp /Common/M-10.10.10.10-HTTP-80-L3DSR { adaptive disabled defaults-from /Common/tcp destination 10.10.10.10:80 interval 5 ip-dscp 0 recv none recv-disable none send none time-until-up 0 timeout 11 transparent enabled } net tunnels tunnel /Common/TEST_tunnel-1 { local-address 10.10.10.4 mode outbound profile /Common/ipip remote-address 20.20.20.4 }

ltm virtual /Common/VS_10.10.10.10-80-L3DSR { destination /Common/10.10.10.10:80 ip-protocol tcp mask 255.255.255.255 pool /Common/P-10.10.10.10-80-L3DSR profiles { /Common/L3DSR-TCP-Profile { } } source 0.0.0.0/0 translate-address disabled translate-port disabled vlans { /Common/TEST_tunnel-2 } vlans-enabled } ltm pool /Common/P-10.10.10.10-80-L3DSR { members { /Common/50.50.50.100:80 { address 50.50.50.100 --> this is Real server } } monitor /Common/M-10.10.10.10-HTTP-80-L3DSR profiles { /Common/ipip } } ltm monitor tcp /Common/M-10.10.10.10-HTTP-80-L3DSR { adaptive disabled defaults-from /Common/tcp destination 10.10.10.10:80 interval 5 ip-dscp 0 recv none recv-disable none send none time-until-up 0 timeout 11 transparent enabled } net tunnels tunnel /Common/TEST_tunnel-2 { local-address 20.20.20.4 mode outbound profile /Common/ipip remote-address 10.10.10.4 }

In this case, Health check is up. but regarding client traffic, L4-2 didn`t handling and have destination unreachable messages.

All of L4`s gateway is L3. and this test network is private and isolated public.

Is there anyone to resolve this issue?

thank you.

Forum Discussion

Multi L3DSR traffic handling

Recent Discussions

Can you set Kerberos AAA server via session variable?

HTML Code injection Not detected by ASM

What will be happen to live and existing connections when failover HA BIG IP active-standby

SSL Offload and remove FQDN

High CPU utilization (100%).

Related Content

F5 BIG-IP in Cisco ACI Multi-Site and Multi-Pod - Design Considerations

DevCentral to Require Multi-Factor Authentication for Account Login from September 26

F5 Distributed Cloud Services to Connect and Secure Multi-Cloud OpenShift Workloads

Scale Multi-Cluster OpenShift Deployments with F5 Container Ingress Services

Journey to the Multi-Cloud Challenges

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS