Forum Discussion
genseek_32178
Nimbostratus
NimbostratusVIP URL Access Issue
Hi,
we ve a VIP as below
vritual VS_1
pool_1
destinatination 2.2.2.2:https
ip protocol tcp
persist persist_1
profiles tcp
vlans 10, 21 enable
VS_1 is mapped to a URL - https://active.txt
VIP is in vlan 30 ( 2.2.2.x/24)
Pool_1 has 2 members - 10.10.10.11 & 10.10.10.12 ( belong to vlan 10, Gwy is F5 )
Issue is - URL - is not accessible when accessed from Pool_1 members
i think it is issue with snat here...but not sure ..if the snat IP shud be from vlan 30 or vlan 10.
thanks
3 Replies
hoolioCirrostratus
The SNAT IP(s) should be on the same VLAN as the pool members. Else, the connection would need to be routed to the pool members via a different TMM interface and router.
Aaron
genseek_32178thanks for the response Aaron..i missed to report a piece of information..
a. in the current configuration, if host entry is made on the pool members, the URL is accessible.
b. in a ditto similar issue, we applied snat IP on the VIP VLAN and issue got resolved.
But you are saying snat should be in pool members VLAN..which contradicts to what we ve seen as working.
When you say - "Else, the connection would need to be routed to the pool members via a different TMM interface and router."
this means..if we enable SNAT IP in VIP vlan 30...you mean the connection from pool members would need to be routed to the pool members via a different TMM interface and router?- hoolioIf you apply SNAT for a different VLAN than the servers, TMM needs to have a route to get to the servers. And any intermediate devices between LTM and the servers must route the connections through to the servers. It's generally simpler to use a SNAT IP on the same subnet as the servers assuming TMM has a self IP on that VLAN.
Aaron
