Setting up a BIG-IP LTM Virtual Server for two SQL Server nodes
I've created a BIG-IP Virtual Edition instance in Amazon EC2 using this tutorial.
I've followed this tutorial to configure the BIG-IP System as an MS SQL Database Proxy. There were a couple of things that I didn't get in the "Creating a database proxy virtual server" section:
- For the Destination setting, in the Address field, type the IP address you want to use for the virtual server. The IP address you type must be available and not in the loopback network.
- In the Service Port field, type 1443.
Which IP address should I use in the destination field? The public IP, which I use to connect to the BIG-IP web UI?
Why does it say to set the service port to 1443, not 1433, which is the default for SQL Server?
For now I set the public IP and port 1443 and tried to verify the connection using a UDL file.
I have two DB nodes, and when I try to verify the connection directly to their IP addresses, the connection succeeds. But when I try the BIG-IP public IP, the connection fails with the following error message:
Test connection failed because of an error in initializing provider. [DBNETLIB][ConnectionOpen (Connect()).]SQL Server does not exist or access denied.
Both nodes are enabled and available in LTM (Local Traffic Manager).
Any ideas what I'm doing wrong?
- Daniel_Epperson (Employee)
The IP in the Virtual Server destination field will be a private address from AWS on the "external" interface. You'll then assign an Elastic IP to that address if you need public access to the Virtual Server. The port you pick on the service port isn't important as long as the UDL file is configured to match. The UDL will need to specify the Elastic IP instead of the private address if you are connecting over the internet to the virtual server.
- Daniel_Epperson (Employee)
I was able to view your qkview. Your node addresses appear to be public IPs. Depending on where your nodes live, maybe these should be the private addresses.
Notice that all of the BIG-IP configuration level addresses are private. There are no default routes configured on your BIG-IP, thus causing the 'no route to host' errors. You either need to use link-local pool member addresses (private) or provide a gateway to route traffic to the public addresses.
Do your pool members live in the same VPC as the BIGIP?
- Daniel_Epperson (Employee)
The pcap shows source 184.70.137.34 trying to hit 172.30.5.31 in the non-working case. I do also see working traffic (monitors) sourced from 172.30.5.95. To me this says your SNAT configuration (or lack thereof) is breaking the traffic. Consider enabling SNAT Automap on the virtual server.
https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-concepts-11-4-0/18.html
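Added example, not part of the thread: a small Python model of the SNAT diagnosis in the last reply, showing why the monitor traffic works while the client connection does not. It assumes 172.30.5.95 is a BIG-IP self IP on a /24, 172.30.5.31 is a pool member, and the member's default gateway is not the BIG-IP; the flow list is constructed from the addresses quoted above.

```python
import ipaddress

# Assumptions (not stated in the thread): 172.30.5.95 is a BIG-IP self IP on a
# /24, 172.30.5.31 is a pool member, and the member's default gateway is the
# VPC router rather than the BIG-IP. The flow list is constructed.
SELF_IP = ipaddress.ip_interface("172.30.5.95/24")
MEMBER_GW_IS_BIGIP = False

SERVER_SIDE_FLOWS = [              # (source, destination) as the member sees them
    ("172.30.5.95", "172.30.5.31"),    # health monitor, sourced from the self IP
    ("184.70.137.34", "172.30.5.31"),  # client connection, source preserved
]


def reply_reaches_bigip(src, self_ip=SELF_IP, gw_is_bigip=MEMBER_GW_IS_BIGIP):
    """True if the member's reply to src goes back through the BIG-IP."""
    src = ipaddress.ip_address(src)
    if src == self_ip.ip:
        return True            # reply is addressed to the BIG-IP itself
    if src in self_ip.network:
        return False           # on-link peer: the member answers it directly
    return gw_is_bigip         # off-link: reply follows the member's default route


def asymmetric_flows(flows):
    """Flows whose replies bypass the BIG-IP and so never match its connection."""
    return [f for f in flows if not reply_reaches_bigip(f[0])]


def with_snat_automap(flows, self_ip=SELF_IP):
    """Model SNAT Automap: the server-side source becomes a BIG-IP self IP."""
    return [(str(self_ip.ip), dst) for _, dst in flows]


if __name__ == "__main__":
    for src, dst in asymmetric_flows(SERVER_SIDE_FLOWS):
        print(f"{src} -> {dst}: reply bypasses the BIG-IP (no SNAT)")
    fixed = with_snat_automap(SERVER_SIDE_FLOWS)
    print("after automap:", asymmetric_flows(fixed) or "all replies return via BIG-IP")
```

Setting `MEMBER_GW_IS_BIGIP` to `True` models the alternative of pointing the pool members' default route at the BIG-IP instead of enabling SNAT.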