Forum Discussion

Log4j2's avatar
Log4j2
Icon for Altocumulus rankAltocumulus
Jul 25, 2023

Windows File Share via F5 VIP

So I've read a couple posts on here regarding using a VIP to forward file sharing requests to a pool and haven't been able to get anything working.

I've tried:

  • A VIP running all ports/services and pool members with all ports/services
  • A VIP listening for 445 requests and pool members using 445
  • A VIP with no pool and just an iRule to handle traffic forwarding where it does an attempt to the first node and will try another if the first one fails

All haven't gotten me very far, but I'm starting to think what I'm doing isn't actually a 'Windows File Share'

I perform some service checking where one server will look for the existence of a file doing something like '\\server-name\c$\Dir1\Dir2\file.txt' and then make a decision based on whether or not it can reach that file.

To add redundancy I thought about trying to do this via a VIP so that if one server was offline, it would check the other node in the pool for the same path and then just assign a new host file alias to the VIP IP.

I read one post that said doing anything related to file sharing is just a no-no and not worth the trouble, thought I'd try anyways lol

Any ideas?

Thanks

  • Log4j2 Is your F5 in path between the client and destination pool members? If the F5 is not in path then you will most likely have to enable SNAT like whisperer has mentioned. A topology of the path the client takes to get to Virtual Server (VS) and ultimately the pool members would assist in coming up with the correct configuration for your situation. If you enable SNAT you should create a new snatpool with the VS IP in it and use that rather than automap.

    • Log4j2's avatar
      Log4j2
      Icon for Altocumulus rankAltocumulus

      Paulius I put together a quick flow of current state and what I'm trying to achieve

      In the new flow, the VIP IP is a host entry on all servers known as, for this example, 'vip-alias'.

       

      • Paulius's avatar
        Paulius
        Icon for MVP rankMVP

        Log4j2 Based on what you provided this is in path between the source and the destination so you should not need SNAT. What information are you seeing when you perform a tcpdump on the F5. You can try the following to see what you get. This should save the file and then allow you to open it up in wireshark.

        tcpdump -nni 0.0:nnp host <vs_IP> -w /shared/tmp/mycapture.pcap