configure nat64 using module CGNAT

The setup wizard will take you through the vlan/self ip setup for you. In the GUI, click on the f5 button for the home page and the setup link is on there.

 

Pool/VS setup help might I refer you to f5's free online training at university.f5.com

 

Hope this gets you started,

 

N

 

Hi vmwaretrain,

make sure to have at least 3 network interfaces assigned to your VE guest machine.

Here is an excerpt from my .vmx file:

ethernet0.present = "TRUE"
ethernet0.vnet = "VMnet0"
ethernet0.connectionType = "custom"
ethernet0.virtualDev = "vmxnet3"
ethernet0.wakeOnPcktRcv = "FALSE"
ethernet0.addressType = "static"
ethernet0.address = "02:F5:F5:AC:01:01"
ethernet1.present = "TRUE"
ethernet1.vnet = "VMnet1"
ethernet1.connectionType = "custom"
ethernet1.virtualDev = "vmxnet3"
ethernet1.wakeOnPcktRcv = "FALSE"
ethernet1.addressType = "static"
ethernet1.address = "02:F5:F5:AC:01:02"
ethernet2.present = "TRUE"
ethernet2.vnet = "VMnet3"
ethernet2.connectionType = "custom"
ethernet2.virtualDev = "vmxnet3"
ethernet2.wakeOnPcktRcv = "FALSE"
ethernet2.addressType = "static"
ethernet2.address = "02:F5:F5:AC:01:03"

Ethernet0 will automatically be used for the management interface.

You can use the VMware console to modify the management IP via the command line tool "

config

" or via tmsh using "

tmsh modify sys management-ip

" / "

tmsh modify sys management-route

" syntax.

Ethernet1 and ethernet2 will be associated with the interfaces 1.1 and 1.2 of your virtual appliance.

Running "tmsh show net interface" will report them as "unitialized" as long as you are not assigning them to VLANs.

VLAN assignment and association with Self IP addresses can be done by tmsh as well (i.e.):

tmsh create net vlan vlan_test interfaces add { 1.2 } tag 102 

Self address configuration via tmsh (i.e.):

tmsh create net self self_test address 10.100.10.102/24 vlan vlan_test allow-service none

Afterwards it will be necessary to save to startup config (required for changes via tmsh only):

tmsh save sys config  

If you have matching configurations on the virtual interfaces of your hypervisor or second LTM VE you should be able to establish communication between systems.

Please note, that I activated port lockdown for the self IPs as it is best practice for interfaces in production networks. If you want to use interfaces for administrative purposes or inband management you would modify the parameter i.e. as follows "

allow-service default

".

Thanks, Stephan

Hi Stephan, I have three networks Management - 10.1.1.0/24 VM Network - 192.168.1.0/24 Internet - 130.100.1.0/24

 

I have gone through the set up utility setting up the management ip mask gateway using the config command. Then in the GUI from my management virtual machine that has a NIC on the MGMT network, i have set up the self IP s via the set up utility (thanks nathan). I have untagged 1.1 to the VM Metwork and 1.2 to the internet network and am able to ping the adresses on the BIG IP from servers on the Internet network and the VM nework and also ping out wards from the BIG IP interface. This is where it got confusing.

 

As all routes were pingable I went about setting up my first pool to load balance some servers in my LAB. I have an SQL cluster and I added these IP addresses to the pool using HTTP. When I finished the status is red. what can this be. why can i not see the devices from by big ip on port 80.

 

Hi Stephan

 

Adding the gateway_ICMP done the trick :).

 

I have added IIS Web services as a test instead and tried to connect a few times to the VIP and I can now see the round robin load balancing in effect.

 

Thanks