Forum Discussion
configure nat64 using module CGNAT
Hello, I'm a newbie in F5 product. I doing ATP test for my customer and there is an NAT64 test case.
I follow this link for configuration: https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-cgnat-implementations-13-1-0/2.html
But i can't see LSN pool in carrier grade nat when i enable module CGNAT provisioning.
I use big ip version 15.1.2 and my device is strongbox i7800
- nathe
Cirrocumulus
The setup wizard will take you through the vlan/self ip setup for you. In the GUI, click on the f5 button for the home page and the setup link is on there.
Pool/VS setup help might I refer you to f5's free online training at university.f5.com
Hope this gets you started,
N
- StephanManthey
Nacreous
Hi vmwaretrain,
make sure to have at least 3 network interfaces assigned to your VE guest machine. Here is an excerpt from my .vmx file:ethernet0.present = "TRUE" ethernet0.vnet = "VMnet0" ethernet0.connectionType = "custom" ethernet0.virtualDev = "vmxnet3" ethernet0.wakeOnPcktRcv = "FALSE" ethernet0.addressType = "static" ethernet0.address = "02:F5:F5:AC:01:01" ethernet1.present = "TRUE" ethernet1.vnet = "VMnet1" ethernet1.connectionType = "custom" ethernet1.virtualDev = "vmxnet3" ethernet1.wakeOnPcktRcv = "FALSE" ethernet1.addressType = "static" ethernet1.address = "02:F5:F5:AC:01:02" ethernet2.present = "TRUE" ethernet2.vnet = "VMnet3" ethernet2.connectionType = "custom" ethernet2.virtualDev = "vmxnet3" ethernet2.wakeOnPcktRcv = "FALSE" ethernet2.addressType = "static" ethernet2.address = "02:F5:F5:AC:01:03"
Ethernet0 will automatically be used for the management interface.
You can use the VMware console to modify the management IP via the command line tool "
" or via tmsh using "config
" / "tmsh modify sys management-ip
" syntax. Ethernet1 and ethernet2 will be associated with the interfaces 1.1 and 1.2 of your virtual appliance. Running "tmsh show net interface" will report them as "unitialized" as long as you are not assigning them to VLANs. VLAN assignment and association with Self IP addresses can be done by tmsh as well (i.e.):tmsh modify sys management-route
tmsh create net vlan vlan_test interfaces add { 1.2 } tag 102
Self address configuration via tmsh (i.e.):
tmsh create net self self_test address 10.100.10.102/24 vlan vlan_test allow-service none
Afterwards it will be necessary to save to startup config (required for changes via tmsh only):
tmsh save sys config
If you have matching configurations on the virtual interfaces of your hypervisor or second LTM VE you should be able to establish communication between systems.
Please note, that I activated port lockdown for the self IPs as it is best practice for interfaces in production networks. If you want to use interfaces for administrative purposes or inband management you would modify the parameter i.e. as follows "
". Thanks, Stephanallow-service default
- vmwaretrain_137
Nimbostratus
Hi Stephan, I have three networks Management - 10.1.1.0/24 VM Network - 192.168.1.0/24 Internet - 130.100.1.0/24
I have gone through the set up utility setting up the management ip mask gateway using the config command. Then in the GUI from my management virtual machine that has a NIC on the MGMT network, i have set up the self IP s via the set up utility (thanks nathan). I have untagged 1.1 to the VM Metwork and 1.2 to the internet network and am able to ping the adresses on the BIG IP from servers on the Internet network and the VM nework and also ping out wards from the BIG IP interface. This is where it got confusing.
As all routes were pingable I went about setting up my first pool to load balance some servers in my LAB. I have an SQL cluster and I added these IP addresses to the pool using HTTP. When I finished the status is red. what can this be. why can i not see the devices from by big ip on port 80.
- StephanManthey
Nacreous
Hi vmwaretrain, I guess it is just failing monitors. If you assign a "gateway_icmp" monitor instead, the pool should become available. To monitor SQL servers you will probably need a custom monitor. Do the poolmember port settings match the service ports of the SQL servers? A plain tcp-monitor should mark them as "up" as well. Thanks, Stephan
- vmwaretrain_137
Nimbostratus
Hi Stephan
Adding the gateway_ICMP done the trick :).
I have added IIS Web services as a test instead and tried to connect a few times to the VIP and I can now see the round robin load balancing in effect.
Thanks