Network type virtual server

Hi,

BigIP appliance can have multiple appliance but never route between interfaces. IP forwarding is disabled in the linux OS.

The only solution to route traffic between interfaces is to configure the TMOS to handle the traffic.

To handle the traffic, TMOS require a

listener

object.Listener objects are be:

• NAT
• SNAT
• Virtual server

in a topology with:

Net_A (192.168.1.0/24) - F5 Self IP (192.168.1.1) - TMOS - F5 Self IP (192.168.2.1) - Net_B (192.168.2.0/24)

to route connection from 192.168.1.10 to 192.168.2.20, you must create a virtual server with:

• Destination : 192.168.2.0/24 Port 0
• Translate destination : disabled
• Translate port : disabled
• Enable on VLAN Net_A

Hi,

 

After testing (v13 VE) here is behavior of ICMP Echo setting for Virtual Address (hope will be of some help for others):

 

• VS set with IP on the same subnet as SelfIP (most common configuration I guess):
  • ICMP Echo Disabled: no answer to ping no matter what is status of VS or VIP
  • ICMP Echo Enabled: ping reply send from BIG-IP no matter what is status of VS or VIP
• VS set with IP not on any SelfIP subnet (to reach VS, traffic has to be directed to SelfIP), ARP Disabled:
  • ICMP Echo Disabled: ping is send to node (BIG-IP is not answering ping). Of course both VS and Pool Members has to be configured in a way allowing ping to be accepted (like any port/any protocol). If Pool is down ICMP net "VS IP" unrechable – admin prohibited is send from BIG-IP
  • ICMP Echo Enabled: same behavior as for first VS above - ping always answered by BIG-IP

Of course there is one more option Selective, I think it's the best one if someone would like to use ping to monitor state of VIP. Provides results that are closely related to state of both VS and VIP.

 

Piotr