For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Eric_Frankenfie's avatar
Eric_Frankenfie
Icon for Nimbostratus rankNimbostratus
Aug 10, 2010

Virtual Route Table for VS

Is there a way to create a separate route table for a VS? I have devices that are local to the LTM that need to FTP to a new VS. My existing configuration requires using 10.206.173.1 as the default ...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Aug 11, 2010
So a client on the 10.206.0.0/22 or 10.206.173.0/24 subnet establishes a connection to an LTM VS on the 10.206.0.0/22 subnet. The pool members are not on a local LTM subnet. They're on a subnet which is routed through the firewall. Connections to the FTP server pool are SNATed using a 10.206.0.0/22 source IP. However, the outbound connection to the non-local FTP servers goes out the 10.206.173.0/24 subnet's VLAN and come back in over the 10.206.0.0/22 subnet's VLAN from the firewall.

 

 

Is that an accurate summary of the issue? What are the actual symptoms of the issue? Do the FTP connections work, but you get alerts on the firewall? Or is there a layer 3 issue with the IP addresses?

 

 

Could you change the SNAT IP to one on the 10.206.173.0/24 subnet?

 

 

You cannot configure routing specific to a load balancing virtual server. So there hopefully will be another solution to the issue.

 

 

Aaron