Forum Discussion
Marc_Jones_4616
Nimbostratus
NimbostratusSource address
We have 2 F5 LTM's in a HA pair. They are placed on a Cisco switch in a L3 environment. All servers default gateways that use the F5 use the Cisco switch as the DG.
We are now starting to place applications through the F5, that use http and require the source address to be seen by the application, and not the F5 address.
We currently have the configuration setup so that the Virtual server uses a Automap, but all sources address are the F5. In order to view the Source address for our applications, what are the best methods to use? Should we be changing the configuration of the servers so that the DG is the F5? should be using xforwarded for? or install a dll? should be upgrading our version? what is the best configuration for our setup?
3 Replies
- The_BhattmanYou have 3 from what I can think of.
1. You could use x-forward if your application is web based. Your application will need to know how to log it in order for that to work correctly. This is ofcourse limited to http standards.
2. Repoint the servers DG to the F5, which is primary the default scenario that I have seen from F5.
3. Introduce Policy based Routes (Pbr) on the Cisco switch L3. Basically the servers continue to point to the L3 switch for the DG. The Pbr will provide you the mechanism to flow the traffic to other networks that live on the Cisco L3 and and direct traffic traffic back to the LBs for everything else. You can base the Pbr on source and destination addresses.
Hope this helps
CB 
Marc_Jones_4616cheers cmbhatt
if i went with scenario 2, would i have to turn off layer 3 Cisco switch? although the default gateway would be the F5, it would all physically be connected to the Cisco switch?- The_BhattmanNo you don't have to.
