Forum Discussion
NimbostratusNeed help for one to one static NAT case.
Hi Team,
Looking for help for one of the setup. We have DMZ switch and F5 is connected to this DMZ switch in one arm mode. We have a trunk link between DMZ and F5 switch. For VIP and servers VLANs , F5 is using the same trunk link.
We have one setup on Brocade, where we are doing one to one static NAT for backend servers.
We want to move that application setup is on F5 LB.
The current brocade setup is working fine but when we are moving this setup on F5 then it's not working.
On the DMZ switch side, We have one VIP VLAN which is in one VRF.
From the same VLAN, we are using IPs for one to one static NAT.
Servers are in different VLAN and server VLAN is not in the the VRF on dmz switch.
On the F5 , we have default route pointing towards the DMZ switch ( towards on of the VLAN IP , this is also not in any VRF on DMZ switch).
We don't have any route domain on F5 side.
If we move current NAT setup on F5 then we will create the one to one NAT on F5 with the same IPs. ( We will remove the NAT from brocade and create on F5).
Do we need to do anything else to working this setup on F5 ?
Any route domain we need to create on F5 ?
Thanks in advance !!
1 Reply
- Injeyan_Kostas
Nacreous
Hi,
I don't if it's only me, but I am very confused.
You say in switch you have 1 VIP VLAN from which you also use IP for 1 to 1 nat and this is 1 vrf. But then you say F5 has a default route to VLAN, which I am guessing is the same VIP VLAN, but you say it is not in VRF
Then you say servers are on another vlan which again is not in the vrf. Where is it, in another vrf?
Maybe a scheme would be better
In F5 you can have different vrfs as route domains and let traffic move from one to the other by disabling strict isolation to both route domains or configure on as parent to the other.
