BIG-IP integration with Azure Gateway Load Balancer

Introduction Microsoft just announced the Gateway Load Balancer. This is a new load balancer sku to go along with the existing types of Basic and Standard, however, this is aimed at sending traffi...
Published Nov 02, 2021
Version 1.0
Azure
BIG-IP
cloud
security
MichaelOLeary's avatar
Icon for Employee rankEmployee
I'm a Solution Architect at F5. Over the years I've become an expert in Kubernetes and cloud architectures. I publish articles and blog posts to share as much knowledge as possible. I love hanging out with colleagues and customers, so reach out any time!
View Profile
MichaelOLeary's avatar
Icon for Employee rankEmployee
I'm a Solution Architect at F5. Over the years I've become an expert in Kubernetes and cloud architectures. I publish articles and blog posts to share as much knowledge as possible. I love hanging out with colleagues and customers, so reach out any time!
View Profile
MichaelOLeary's avatar
MichaelOLeary
Icon for Employee rankEmployee
Jun 22, 2023

Hi antonym ,

Sorry, I see your question is from February but I wasn't notified of it, so I am only just coming across it. The answer to your question is a little complex, but you actually can proxy traffic (ie, use LTM functionality) but you must use another network interface to send that proxied traffic out from. Then after the pool member's response, ensure that the traffic "returns back down the VXLAN tunnel" as you put it, without changing the 5-tuple (src ip, dest ip, src port, dest port, protocol).

It's complicated but it does work. That said, I just tell people to use the GWLB when they want ASM/AFM functionality, because that's what it's intended for. Hopefully that makes sense and sorry this answer comes so late!