Forum Discussion

t_rajneesh_2252's avatar
t_rajneesh_2252
Icon for Nimbostratus rankNimbostratus
May 09, 2016

Wanted to use same public IP for different VS

Hi,

 

I have set up multiple Virtual servers(VS) on F5 LTM and wanted to use only one public IP to map to all different VS (i.e,that supports different url's which are hosted on different VS) & also public IP can be mapped on FireWall with only one VIP.

 

I'm new to this kind of requirement. Kindly help me how can I achieve this requirement.

 

Regards, Rajneesh

 

application delivery
devops
iRules
LTM

4 Replies

  • alex100's avatar
    alex100
    Icon for Cirrostratus rankCirrostratus
    May 09, 2016

    You could use a layered VS concept to accomplish that. Have your public IP NATed to VS and use local traffic policy to forward traffic to your target virtual servers based on host names.

     

  • t_rajneesh_2252's avatar
    t_rajneesh_2252
    Icon for Nimbostratus rankNimbostratus
    May 09, 2016

    Example:

     

    On LTM, We have three different Virtual servers (VIP's) created with different pool names and different members hosting different url's, which should be accessible via internet.

     

    VIP1-Pool1-node1+node2-- host x.abc.com website

     

    VIP2-Pool1-node3+node4-- host y.abc.com website

     

    VIP1-Pool1-node1+node2-- host Z.abc.com whebsite

     

    But we have only one public IP to do NAT FW and achieve this functionality.

     

    I think either one can be used Name based virtual hosting or http host header but I'm not aware which one and how to proceed

     

    Please suggest a way get this working.

     

  • alex100's avatar
    alex100
    Icon for Cirrostratus rankCirrostratus
    May 09, 2016

    OK, here is what I am suggesting: Create another virtual server on Big-IP (let's name it VIP-PXY). Nat public IP to this VS on the FW. This VS (VIP-PXY) will not be associated with any pools. Instead you will use a local traffic policy to forward inbound http traffic to VIP1, VIP2, VIP3 based on hostnames. You will need to create LT policy as follow:

    -----------------------------------------------------------
Create new Local traffic policy

Strategy: first-match
Requires: http
Controls: forwarding
Now you will need to create 3 rules (one for each host name)
Rule1:

IN conditions section specify below:

Operand:http-host

Event:  request

Selector:host

Condition:equals

Values:x.abc.com

------------------------
In Actions sections specify following:


Target: forward

Event:  request

Action: select

Parameters: virtual-server

Value: select VIP1 from dropdown (VIP1, VIP2 and VIP3 all need to be in the same partition)

    Now create 2 more rules for VIP2 (y.abc.com) and VIP3 (z.abc.com) based on the policy rule for VIP1.

    Associate policy with VS (VIP-PXY) under VS resources. You will need to associate http profile with VS (VIP-PXY) and set address translation to SNAT AutoMap.

  • Stanislas_Piro2's avatar
    Stanislas_Piro2
    Icon for Cumulonimbus rankCumulonimbus
    May 09, 2016

    Hi,

     

    Alex solution is the solution to hide several virtual servers behind one virtual server. But are you sure you need one virtual server per URL?

     

    you can create only one virtual server with the same logic as alex gave but with action :

     

    forward select pool Pool1