Dig deeper into Ansible and F5 integration
Hi,
You do not need to have a default gateway if you have L2 connectivity to your external (client traffic) and your internal (server traffic), but if your servers are on a different subnet and you need to tell BIG-IP how to route to that subnet, then yes, you do need to specify static routes. Though it is good practice to specify a default route.
Example of adding a static route:

    - name: Add route(s)
      bigip_static_route:
        server: "{{bigip_ip}}"
        user: "{{ bigip_username }}"
        password: "{{ bigip_password }}"
        name: "{{item.name}}"
        gateway_address: "{{item.gw_address}}"
        netmask: "{{item.netmask}}"
        destination: "{{item.destination}}"
        # "no" turns off TLS certificate verification of the BIG-IP management endpoint
        validate_certs: "no"
      # one route is created per entry in the static_route list
      with_items: "{{static_route}}"

Associated variable file:

    static_route:
      - name: "default"
        gw_address: "10.168.68.1"
        destination: "0.0.0.0"
        netmask: "0.0.0.0"

Yes, if your backend servers are not on the same subnet you have two options:
1) Set SNAT to 'Automap' on the virtual server. This will change the source IP address to the internal Self-IP address of the BIG-IP, so the return traffic will be forced to go back through the BIG-IP.
2) If you do not want to use Automap, point all your backend servers' default route to the internal Self-IP address of the BIG-IP.
Thanks
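
The return-path reasoning behind the two options above, as an added example that is not part of the original post: a small Python model of where a backend server sends its reply with and without SNAT Automap. All addresses, and the names `return_path` and `scenarios`, are constructed for illustration; the model assumes a single internal Self-IP and a server with one interface and one default gateway.

```python
import ipaddress

def return_path(client_ip, server_if, server_gw, self_ip, snat_automap):
    """Return (reply_dst, next_hop, via_bigip) for the server's reply packet."""
    server = ipaddress.ip_interface(server_if)
    self_ip = ipaddress.ip_address(self_ip)
    # With Automap the server sees the BIG-IP internal Self-IP as the source,
    # otherwise it sees the real client address and replies to that.
    reply_dst = self_ip if snat_automap else ipaddress.ip_address(client_ip)
    # On-link destinations are reached directly, everything else goes to the
    # server's default gateway.
    if reply_dst in server.network:
        next_hop = reply_dst
    else:
        next_hop = ipaddress.ip_address(server_gw)
    # The reply passes back through BIG-IP if it is addressed to the Self-IP
    # or if the Self-IP is the next hop the server hands the packet to.
    via_bigip = self_ip in (reply_dst, next_hop)
    return str(reply_dst), str(next_hop), via_bigip

# Constructed sample topology (not taken from the post).
CLIENT = "203.0.113.7"
SELF_IP = "10.10.0.5"        # BIG-IP internal Self-IP
ROUTER = "10.20.0.1"         # non-BIG-IP gateway on the server subnet

def scenarios():
    return {
        # Servers behind a router, no SNAT: reply leaves via the router and
        # never returns to BIG-IP, so the client sees a broken connection.
        "routed_no_snat": return_path(CLIENT, "10.20.0.10/24", ROUTER, SELF_IP, False),
        # Option 1: Automap, reply is addressed to the Self-IP itself.
        "routed_automap": return_path(CLIENT, "10.20.0.10/24", ROUTER, SELF_IP, True),
        # Option 2: no SNAT, server default route points at the Self-IP.
        "gw_is_self_ip": return_path(CLIENT, "10.10.0.20/24", SELF_IP, SELF_IP, False),
    }

if __name__ == "__main__":
    for name, (dst, hop, ok) in scenarios().items():
        print(f"{name:16} reply_dst={dst:13} next_hop={hop:11} via_bigip={ok}")
```

With Automap the servers log the Self-IP rather than the client address, which matters if backend logs or access controls depend on the real source IP.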