Adding a /24 network as a pool member?

Johnny_Dunlop
Nimbostratus

Hi,

I am configuring a Virtual Server with one LTM pool that needs to contain an entire /24 network, as the IPs within this network are dynamic.

The IPs within this network are configured within Kubernetes as LoadBalancer service IPs that are routable.

Since Kubernetes will dynamically assign these IPs, I would like to include the entire network as the pool member.

Is there a way to do this? I tried adding just the /24 as a node and adding that to the pool, but that doesn't seem to work.

If there is a better way to accomplish this, I am open to suggestions. Thanks in advance!

4 REPLIES

Lidev
MVP

Hello Johnny Dunlop,

I think you can use Virtual Server forwarding features to accomplish this:

https://support.f5.com/csp/article/K7595

Regards

Johnny_Dunlop
Nimbostratus

Hello!

This is very close to what I want. However, I need a Virtual Server that maps to the GTM record.

As an example, I want to have the GTM resolve test.apps.company.com to a Public IP that external users hit. Then I want the Virtual Server that has this Public IP to send traffic to an internal subnet.

So the destination address for the Virtual Server needs to be the public IP, but it should forward traffic to the internal subnet, 172.23.61.0/24 as an example.

Is this possible?

Thanks!

Hi Johnny,

Sorry for the late reply. I don't see any caveat on this solution. Test it and give us the result!

Regards

It does not seem to work this way.

When you create an IP forwarding virtual server, you are saying any traffic that comes to the F5 devices destined for a specific network will be forwarded.

What I need is a Virtual Server listening on a given IP (example: 199.233.26.111) that, once it receives the traffic, forwards it to a network. This does not seem to be possible, and F5 confirmed we cannot have a pool member as a network. It can only be a specific IP.