Can a floating IP be the next hop for routing?

Question

Hello,Recently tried using HA in Route mode.Here is my structure :I thought floating ip can be the next hop of Route.So I set the next hop in Client Route as 1.1.1.3 &amp; Switch's is 2.2.2.3.However, when I browse VIP, I find that I can't pass...Can a floating IP be the next hop for routing?If not, how should I set ...Any Help is appreciate.

paulius · Accepted Answer

young19918&nbsp;
So from client 1.1.1.4 you are attempting to reach server on 3.3.3.1 on tcp/80 or possibly tcp/443? If your routing is in place and you can indeed ping 3.3.3.1 from 1.1.1.4 and the other way around then it could be your forwarding virtual server that is not allowing the traffic to pass through the F5. You should be able to perform a tcpdump on the active F5 of the following and see where the traffic is going.
tcpdump -nni 0.0:nnp host &lt;source_IP&gt; and port &lt;destination_port&gt;
tcpdump -nni 0.0:nnp host 1.1.1.4 and port 80
In your topology I would make the switch an L2 switch for the VLAN that sits behind the F5s and have the F5s and server be in subnet 2.2.2.0/24 with the gateway for the server being 2.2.2.3. If forcing the switch to be in routed servse another purpose for you then keep it but if not I wouldn't do it because it adds unneeded complexity without much benefit. If your intent is to be able to manage the switch by an IP you can always IP it from that same 2.2.2.0/24 subnet and reach it.

paulius · Answer

young19918 When the F5s are in routed mode and you have a floating IP configured for either HA or standalone it should absolutely be the destination for the next hop for networks on the apposing side of the F5. If you are not able to route traffic from one side of the F5 to the other it's most likely that your forwarding virtual server is not configured properly to accept and pass all traffic from one side to the other on the F5. The following is what I have configured for my lab device.
ltm virtual VS_FORWARDING_ALL {
    description "Catchall Forwarding VS"
    destination 0.0.0.0:any
    ip-forward
    mask any
    profiles {
        fastL4 { }
    }
    source 0.0.0.0/0
    translate-address disabled
    translate-port disabled
}
&nbsp;

young19918 · Answer

Hi&nbsp;Paulius&nbsp;,Thanks for your reply.After setting it up, Client and Server can ping each otherBut the Client cannot browse to the server through VIP, I tried to browse the Server directly without VIP, but it also failed ......

young19918 · Answer

Paulius&nbsp;,Thanks for your help.I have already fix it.

Forum Discussion

Can a floating IP be the next hop for routing?

4 Replies

Recent Discussions

About custome Response Blocking Page

Office Online Server with SharePoint 2016

health monitor source IP address

How to target only webview rendering with CSS?

ltm policy asm_auto_l7_policy

Related Content

F5 Distributed Cloud - Customer Edge Site - Deployment & Routing Options

BIG-IP BGP Routing Protocol Configuration And Use Cases

SNI Routing with BIG-IP

Layer 7 Content Routing in F5 XC

SNI Routing with DNS Lookup