Setup BigIP F5 VE 25mbps Good in an AWS VPC
Hello,
I've been trying for the last few days to set up BigIP F5 VE 25mbps Good in an AWS VPC, based on these tutorials:
https://devcentral.f5.com/articles/f5-in-aws-part-2-running-big-ip-in-an-ec2-virtual-private-cloud
(and probably many, many more F5 documentation pages)
Desired setup:
1 Virtual Server (PublicIP1:PortN)
1 Pool
1 Node (PublicIP2:PortN)
Current situation:
Node is green, HTTP monitor is green. SSH -> curl to PublicIP2:PortN works.
Pool is green. Virtual Server is green. No firewall is blocking the connections.
However... the connection to PublicIP1:PortN does not work. BigIP does not have any IPs for eth0 and eth1 when I ifconfig, even though they should both have IPs (and they have Elastic IPs associated in AWS).
The web UI just shows me interface 1.1, as uninitialized... :(
I can provide any debugging information needed, just tell me where to get it since I'm obviously a BigIP newbie :)
- costincaraivan_Nimbostratus
Coming back with some more details. I've managed to get past the uninitialized interface and have mostly been following this guide: https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-ve-setup-amazon-ec2-12-0-0/2.html
However, when I connect to the Elastic IP bound to the second IP on the third network interface, the one used for the Virtual Server's external IP, the connection is reset.
tcpdump shows me something like this when trying to connect to the Elastic IP: PortN:
AWS private IP used by external interface:PortN > web server IP:TotallyRandomPort (instead of PortN). I don't think this is normal, and from what I can see everything is configured correctly regarding the ports; I can't see this random port number anywhere in the web UI. (Never mind, I think it's the port from the already established TCP connection to the backend, I think...; still, overall there's no connection through Bigip.)
Any ideas/tips for troubleshooting?
- costincaraivan_Nimbostratus
Moving a bit forward, I think there's a routing issue:
show /net rst-cause
TCP/IP Reset Cause
No flow found for ACK    39
No route to host         311
Port denied              10
The connections are reset; the reset counter is incremented with "no route to host" every time I refresh the Firefox tab. Now I'm trying to figure out which route is missing...
- Jeff_Giroux_F5Ret. Employee
Review our latest F5 templates on GitHub for AWS CFT deployments of BIG-IP. Does this help? These templates take care of all the routing and/or explaining in the README files.