Forum Discussion

Caio_178191's avatar
Caio_178191
Icon for Nimbostratus rankNimbostratus
Apr 09, 2015

Translation box in VS of GTM. Why we need that?

Hi, good morning.

 

I was reading this article to try to understand why we need use the translation box in VS of GTM (When we add it manually).

 

https://support.f5.com/kb/en-us/solutions/public/14000/700/sol14707.html?sr=45023722

 

I understand that wee need to fill it with the internal IP address if the LTM is under a firewall that is making NAT processes.

 

But my question is, why we need to fill this box if GTM will communicate with LTM using the IP that is in the address box(and this address will be public)?

 

We also did a tcpdump in this scenario, and we see that Health Monitor use the IP that is in Address box to monitor the LTM. So, why wee need to fill translation box? For what it use for?

 

Thanks.

 

availability
BIG-IP Access Policy Manager (APM)
security
TMOS
TMSH

2 Replies

  • amolari's avatar
    amolari
    Icon for Cirrostratus rankCirrostratus
    Apr 09, 2015

    If your LTM VS are not NATed on their way to outside (GTM), you do not need the translation.

     

  • gsharri's avatar
    gsharri
    Icon for Altostratus rankAltostratus
    Apr 09, 2015

    The key is this sentence in SOL14707: "The metrics retuned from an iQuery probe are based on the private network IP address configuration of the probed device."

     

    So even though the GTM BIG-IP monitor (iQuery) is directed at the public address all of the metrics which LTM reports to the GTM contain the private LTM addresses. Since GTM knows about those private address due to it's "translation" field, the metrics can be matched up correctly with the public address in GTMs "address" field.