Forum Discussion

Altocumulus

Jul 25, 2023

Windows File Share via F5 VIP

So I've read a couple posts on here regarding using a VIP to forward file sharing requests to a pool and haven't been able to get anything working.

I've tried:

A VIP running all ports/services and pool members with all ports/services
A VIP listening for 445 requests and pool members using 445
A VIP with no pool and just an iRule to handle traffic forwarding where it does an attempt to the first node and will try another if the first one fails

All haven't gotten me very far, but I'm starting to think what I'm doing isn't actually a 'Windows File Share'

I perform some service checking where one server will look for the existence of a file doing something like '\\server-name\c$\Dir1\Dir2\file.txt' and then make a decision based on whether or not it can reach that file.

To add redundancy I thought about trying to do this via a VIP so that if one server was offline, it would check the other node in the pool for the same path and then just assign a new host file alias to the VIP IP.

I read one post that said doing anything related to file sharing is just a no-no and not worth the trouble, thought I'd try anyways lol

Any ideas?

Thanks

devops

Log4j2
Aug 02, 2023
So I ended up getting this working by following the steps outlined here under the SMB Configuration Table on page 8
Deploying the BIG-IP system with Microsoft App-V (f5.com)
Works great now!
Thanks for your added help Paulius

whisperer
MVP
Jul 26, 2023
Did you enable source NAT on the VIP?
Paulius
MVP
Jul 26, 2023
Log4j2 Is your F5 in path between the client and destination pool members? If the F5 is not in path then you will most likely have to enable SNAT like whisperer has mentioned. A topology of the path the client takes to get to Virtual Server (VS) and ultimately the pool members would assist in coming up with the correct configuration for your situation. If you enable SNAT you should create a new snatpool with the VS IP in it and use that rather than automap.
- Log4j2
  Altocumulus
  Jul 26, 2023
  Paulius I put together a quick flow of current state and what I'm trying to achieve
  In the new flow, the VIP IP is a host entry on all servers known as, for this example, 'vip-alias'.
  - Paulius
    MVP
    Jul 27, 2023
    Log4j2 Based on what you provided this is in path between the source and the destination so you should not need SNAT. What information are you seeing when you perform a tcpdump on the F5. You can try the following to see what you get. This should save the file and then allow you to open it up in wireshark.
    
    tcpdump -nni 0.0:nnp host <vs_IP> -w /shared/tmp/mycapture.pcap