self IP address

Question

Hello,&nbsp;
I am under so much of confusion right now. Hope someone can help me.&nbsp;
 &nbsp;
I got the following extract from http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos_management_guide_10_1/tmos_intro.html1023688.&nbsp;
 &nbsp;
"Each VLAN you create has its own self IP address. The BIG-IP system uses this address as the source IP address when sending requests to hosts in a VLAN, and hosts in a VLAN use this IP address as the destination IP address when sending responses to the BIG-IP system."&nbsp;
 &nbsp;
But from all the f5 training I did from the online F5 university and in person, I learnt that the F5 uses the original client address as the source IP address when sending requests to hosts in the internal vlan, unless SNATing or NATing has been configured.  The self IP address is just the default gateway for hosts on that vlan. Am I right?&nbsp;
 &nbsp;

kevin_stewart · Answer

Admittedly it is confusing. A self IP provides at least THREE functions (though many more): 
&nbsp;  
&nbsp; 1. It is the source address when Automap SNATting. 
&nbsp;  
&nbsp; 2. It can be the default gateway for systems on an internal VLAN. 
&nbsp;  
&nbsp; 3. It provides a "route hint" mechanism to the BIG-IP system, when more explicit routing isn't defined, so that it knows which VLAN to send traffic to. &nbsp;

newbie_48881 · Answer

HI Kevin, 
&nbsp;  
&nbsp; I know about the first two point you mentioned but I haven't dealt with : 
&nbsp;  
&nbsp;  3. It provides a "route hint" mechanism to the BIG-IP system, when more explicit routing isn't defined, so that it knows which VLAN to send traffic to.  
&nbsp;  
&nbsp; Would you be able to point me to an article or something that talks about it? &nbsp;

nitass · Answer

Would you be able to point me to an article or something that talks about it? i understand it means "connected subnet". 
  
 e.g. 
 root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list net self 172.28.20.11/24
net self 172.28.20.11/24 {
    address 172.28.20.11/24
    allow-service {
        default
    }
    traffic-group traffic-group-local-only
    vlan external
}
root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list net self 200.200.200.11/24
net self 200.200.200.11/24 {
    address 200.200.200.11/24
    allow-service {
        default
    }
    traffic-group traffic-group-local-only
    vlan internal
}
root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) show net route 172.28.20.0/24

----------------------------------------------------------------------
Net::Routes
Name            Destination     Type       NextHop           Origin
----------------------------------------------------------------------
172.28.20.0/24  172.28.20.0/24  interface  /Common/external  connected

root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) show net route 200.200.200.0/24

--------------------------------------------------------------------------
Net::Routes
Name              Destination       Type       NextHop           Origin
--------------------------------------------------------------------------
200.200.200.0/24  200.200.200.0/24  interface  /Common/internal  connected

Forum Discussion

self IP address

3 Replies

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 Software Downgrade from version 17.x.x to 15.x.x

Error diskmonitor

CPU utilization of F5OS on r2600

sslprovide (--f5 ssl) does not generate CLIENT/SERVER_TRAFFIC_SECRET on server-side TLS traffic

Hardware replacement i2800 to r2600

Related Content

F5 Distributed Cloud - Traffic Steering based on Client IP Address

Addressing Shadow AI with F5 BIG-IP SSL Orchestrator

BIG-IP Next for Kubernetes, addressing today’s enterprise challenges

SNAT IP address logging

Public IP address display

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS