Forum Discussion

Michael_61103's avatar
Michael_61103
Icon for Nimbostratus rankNimbostratus
May 17, 2012

Unable to communicate with Email Server from behind F5 BIGIP LTM v10

Configuration:

 

My clients sit on VLAN 10 while my web app servers are on VLAN 120. My F5 Big-IP LTM v10 is configured between them, which I am told this is a 2-ARM configuration.

 

 

My issue:

 

I cannot send mail from my web app servers. The email server is on VLAN 10. I am also having the same problem with DNS requests. If I try to do a nslookup, it fails to resolve the name I am searching for. My DNS Server is also on VLAN 10.

 

 

Mike

 

  • Hamish's avatar
    Hamish
    Icon for Cirrocumulus rankCirrocumulus
    Do you have network virtual servers (ip forwarding) setup to pass the traffic for non load balanced ports and targets?

     

     

    H
  • Not sure what you mean exactly about non-load balanced ports and targets. We just purchased the Load Balancer(s) in November and we had an F5 engineer come out to configure and setup the F5.

     

     

    I have a few virtual servers setup to send various traffic to the node members. I have one that uses port 80, 554, 1521, 8554, 7980, and 445. All but the 1521 are listed as Standard Type, the 1521 port is a "Performance (Layer 4) Type.

     

     

     

  • Hamish's avatar
    Hamish
    Icon for Cirrocumulus rankCirrocumulus
    OK.

     

     

    By non-load balanced traffic I mean anything where you want to be routed directly across the LTM. Such as your SMTP traffic. As the LTM isn't a router, in order to 'route' traffic you need to do it with a (Usually network) virtual server. The easiest way is one on port 0 (All ports), for all protocols, of type forwarding (ip).

     

     

    As long as the destination IP of the packet matches the network VS IP/mask it'll be forwarded based on the TMM routing table (i.e. to defined VLAN's with selfIP addresses).

     

     

    You can get more complicated from that to enforce fire walling etc. But a single VS on 0.0.0.0/0.0.0.0 and port 0 would doit.

     

     

    H
  • So if I understand you correctly, say I have a virtual server with ip address 192.168.1.10 and have it assigned port 0. This will route all traffic that is not otherwise specified such as 192.168.1.10 port 80.