Forum Discussion
NimbostratusRouting for servers behind an LTM
So I have no idea where to drop this question (besides support which can take quite a while for non-emergency questions) so here it is:
For each server behind our BigIP's, they have their default gateway set to the interface of the BigIP. However, they have to access private services that are behind our firewall. So on each server, we build static routes to point the gateway for a given private subnet at the firewall interface. That's all easy and stuff. But is there an easier way to do it? Isn't there a way to have the F5 forward that traffic to the firewall interface automatically? Thus we don't have to build static routes on the servers?
Thanks everyone!
2 Replies
- nitass
Employee
Isn't there a way to have the F5 forward that traffic to the firewall interface automatically?
doesn't static route on bigip and network ip forwarding virtual server work?
sol7595: Overview of IP forwarding virtual servers
http://support.f5.com/kb/en-us/solutions/public/7000/500/sol7595.html - Kevin_Stewart
I think it's arguably a question of who does the routing. You can certainly build similar routes on the F5 and have it forward the traffic, or you could enable SNAT so that the F5 doesn't have to be the server's default gateway.
