Forum Discussion
Put F5 in the network as inline router running OSPF and LB HTTP traffic toward cache machines
Hi Dears. I work for a service provider company and I wonder if I ask you give me a solution resolving by BIG IP 12.0.0. I need to know can I put F5 BIG-IP in the network as inline router and running OSPF on it, then load balance merely HTTP/tcp/80 traffic toward cache machines pool at the same time? In this design all reach-ability in my network between internet and users provided by BIG-IP connecting to edge and core router, so traffic will pass through the F5 and approach to the internet because OSPF learned default route from edge router and my inside users prefixes from my core router. Is this type of design is possible? If It's, could you possibly help me around the configuration? Note! I'm not going to use any type of policy base routing on my edge and core routers to send desirable traffic to F5, It suppose to work as a router and merely sends HTTP traffic to the cache machines pool, all traffic exempt HTTP will be routed using OSPF routes learned from edge and core router. Best regards.
Hi JJ
This is very much possible, even if you place your F5 inline. Since you're on ISP backbone, I would suggest to carefully select high end F5 LTM platforms to handle huge traffic volumes. Such as the VIPRION platform. In order to use OSPF (or any dynamic protocol), you need to buy ARM license (Advanced Routing Module) from F5. Refer to this link:-
https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos-ip-routing-administration-11-2-0/4.html
Now for the LTM part, you have to use two types of virtual servers. First, an IP forwarding virtual server (L3), so as to forward default traffic towards your upstream routers. Second is your http (port 80) virtual server, which will intercept all traffic to Internet on port 80 and re-direct this to your pool of caching servers, for load balancing. Also, your cache servers should again point back to the F5 and use L3 IP forwarding virtual server to reach the Internet.
https://support.f5.com/kb/en-us/solutions/public/7000/500/sol7595.html
It is somewhat similar to a PBR on the F5 LTM. See this below link:-
https://devcentral.f5.com/questions/how-to-config-pbr
Cheers
Sumanta.
Hi JJ
This is very much possible, even if you place your F5 inline. Since you're on ISP backbone, I would suggest to carefully select high end F5 LTM platforms to handle huge traffic volumes. Such as the VIPRION platform. In order to use OSPF (or any dynamic protocol), you need to buy ARM license (Advanced Routing Module) from F5. Refer to this link:-
https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos-ip-routing-administration-11-2-0/4.html
Now for the LTM part, you have to use two types of virtual servers. First, an IP forwarding virtual server (L3), so as to forward default traffic towards your upstream routers. Second is your http (port 80) virtual server, which will intercept all traffic to Internet on port 80 and re-direct this to your pool of caching servers, for load balancing. Also, your cache servers should again point back to the F5 and use L3 IP forwarding virtual server to reach the Internet.
https://support.f5.com/kb/en-us/solutions/public/7000/500/sol7595.html
It is somewhat similar to a PBR on the F5 LTM. See this below link:-
https://devcentral.f5.com/questions/how-to-config-pbr
Cheers
Sumanta.
- JJ_Eli_270375NimbostratusDear Sumanta. Thanks for your consideration. I wonder if you check, is it popular using BIG-IP VPR devices as inline routers in a service provider IP core network for 40 Gb/s internet? Yours faithfully. Best regards.
- Hi JJ I have deployed 80 Gbps inline with VIPRION 2400 series platform running 2250 blades in Telco set-up. You can also try the newly launched 4450 blades. Regards, Sumanta.
- JJ_Eli_270375NimbostratusThanks Sumanta. It was nice having conversation with you!
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com