Forum Discussion
NimbostratusMultiple VIPs on one VS
Hi DevCentral community,
Is it possible to have multiple VIPs for the one virtual server? It may seem like a strange request, but its to do with a ip address migration.
Obviously I can create multiple VS - but Im hoping not to do that as its a lot of configuration.
ie: 10.10.10.10:80 which is my vip on virtual server, and I would also like same virtual server to listen on 10.10.11.10:80 and have auto last hop take care of my routing. I've tested that this works fine if I create multiple virtual servers (with different VIPs) but cant find a way to create multiple VIPs.
Thanks Guys.
12 Replies
Josh_AbaireThere is no way to have two destinations under a virtual. I question what the value would add besides not configuring the extra virtual. I assume you have many of them to change. Keep in mind you can have the same pools, profiles, and iRules applied to the two virtuals.
One possible method for large changes is to directly edit the bigip.conf file. Use vi, replace the IPs (ie find and replace all 10.10.10 with 10.10.11), save, then 'b load' or I think the tmsh command is 'load sys config' and it should load up the changes. Watch out for your self IPs on a large scale find and replace.
BockyBoy_1026Thanks Josh.
I figured that it wasn't possible. The value is exactly as you say - not having to create many more VS (we have around 30 all up - not huge, but enough).
It also would give me a graceful cutover - as DNS changes are involved, when clients got the new DNS value, they'd just hit the other VIP but it all goes to the same place.
I tested that it all works perfectly, but only when I create multiple VS.
Thanks though for your time.
Cheers
- boneyard
MVP
if the question is answered correctly you could use the correct answer icon to flag it as answered.
JGCumulonimbus
Just to push the envelope a bit, would it be possible to set up a port-specific wildcard server with an irule that does the redirect for this?
StephanMantheyNacreous
A virtual server can be associated with a /32 address (virtual IP address) or a network /x. In this case you would need an iRule with i.e.:
switch [IP::local_addr] {}for a granular decission how to treat incoming traffic.
- Kevin_Stewart
Employee
If I may add, one of the most common methods for migrating services is to simply use DNS. In this way you're just flipping a DNS entry from one IP to another, and your VIPs can be anywhere.
- StephanManthey
Creating 30 virtual from web UI is no fun, I fully agree.
How about just grabbing the related objects (virtual IPs, virtual servers) from your current /config/bigip.conf? Use an editor to change the names and addresses for virtual IPs, names and destinations for virtual servers, put the file to i.e. /shared/ and run:tmsh save sys ucs backup_my_stuff tmsh load sys config merge file tmsh save sys config tmsh run cm config-sync to-group device-group-failover - brad_11480
i'm going to be going through the same thing. We are moving our public IP's to another block so all of our IP's have to change on the virtual servers and for a period of time both need to be active to handle requests coming in from the old IP while the new IP is being advertised.
It would be so very helpful for F5 to support more than one destination for a virtual server.
Right, it sounds like I need to duplicate the virtual server and change the destination IP and give it a new name... so now I'm dealing with new names for these... or maybe rename the old one.. oh, thats right, they don't let you rename a virtual sever (or much of anything for that matter).
The little irritating things that would make life so much simpler.. awesome product, just a lot of strange, basic things, you just can't do..
- BockyBoy_1026Hi Brad, Obviously I did complete this sometime ago now - but in the end, what I did was get a copy of the bigip.conf file and "massaged" it to both rename the existing VS, and create new VS. I then uploaded the file back to the F5, did a syntax check and then loaded it up into config. As I had a HA pair, I performed the changes on the second F5, and checked it all through the gui. then did a config sync. In my environment there was no downtime when I did this, and it took a total of about 10 minutes. Im not surprised that people mentioned this method to me - it was pretty quick and painless. Just as an FYI - almost anything can be renamed in this manner. I agree it would be nice to do through the GUI sometimes, but its not that bad to edit the file directly.
- StephanMantheyRenaming objects is on many customers wishlist since a long time. The challenge is probably the internal name based referencing. Other vendors approaches using an index as identifier per configuration object are making a developers life probably easier. With TMOS v11.6 (available for download now) objects can be renamed according to the release notes. But I didn´t check the new feature by now.
- StephanManthey
How about just creating a file as described by BockyBoy above:
tmsh list ltm virtual | sed -r -e 's/^ltm virtual ([^\{ ]*)/ltm virtual \1_tmp/g' -e '/vs-index .*$/d' > /shared/vs_tmpIn /shared/vs_tmp you will find a list of all current virtual servers with the extension "_tmp" in their name. Now it´s just about to modify the destination IPs i.e. via vi and to merge the modified file to the running configuration, save and sync.
tmsh load sys config merge file /shared/vs_tmp tmsh save sys configIf you can provide a list of old and new addresses by a i.e. comma separated file it can easily be used as a sed-dictionary to automatically replace all destination IPs in the merge file. Please let me know, if I can help with it.
PS: The described approach does not cover the referenced virtual servers inside iRules or i.e. ICAP profiles. - nitass
With TMOS v11.6 (available for download now) objects can be renamed according to the release notes.
e.g.
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list sys db mcpd.mvenabled sys db mcpd.mvenabled { value "false" } root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) modify sys db mcpd.mvenabled value true root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) mv ltm virtual bar newbar root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual newbar ltm virtual newbar { destination 172.28.24.10:80 ip-protocol tcp mask 255.255.255.255 pool foo profiles { http { } tcp { } } rules { qux } source 0.0.0.0/0 source-address-translation { type automap } vs-index 3 }
