Forum Discussion
Spidey_29396
Nimbostratus
Nimbostratusre: Problem in making F5 self IP as a gateway
I have this problem. I attached simple diagram of their set up. Original setup, the core router is the gateway of all the servers and we are using SNAT at VIP to return traffic to F5. The server admin...
Hamish
Cirrocumulus
CirrocumulusI can't see the diagram. However I'm not convinced proxy-arp is your solution.
I usually place the BigIP as the actual router for the pool member VLANs where SNAT is not wanted. No other connection into that VLAN from your core routers (i.e. remove the SVI and add a static route to the pool member VLAN via the BigIP 'external' interface. The BigIP 'internal' interface then is the router address for the load-balanced vlan.
Proxy arp would tend to indicate to me that you're trying to do this in a flat network. So I suspect that perhaps your clients and servers are on the same subnet? In which case the gateway won't be used to talk back to the clients. And traffic just goes back direct. (Without SNAT clients can't be on the same subnet as the servers, UNLESS you can do something at the poolmember/server to force traffic via the BigIP. e.g. policy routing with iptables on Linux).
H