--update, managed route no longer included in newer templates--
The managedRoute range is the VIP range you want pointed to the F5. Assuming you want to assign 192.168.1.0/24 as a VIP range to your F5, an example would be as follows:
- Deploy F5s via ARM template
- Include “managedRoute” subnet when deploying template (e.g. 192.168.1.0/24)
- Create Azure new Route Table
- Then create new route for 192.168.1.0/24 network, next hop active F5 self IP address
- Add required tags to route table
- Associate route table with required subnets
- Test failover
https://github.com/F5Networks/f5-azure-arm-templates/tree/master/supported/failover/same-net/via-api/n-nic/existing-stack/payg
For specific Azure steps, you need to...
- Create new route table (or adjust existing)
- Add new route
- address prefix = VIP range = my example 192.168.1.0/24
- next hop = virtual appliance
- next hop address = the active F5 self IP address receiving traffic
- Save
- Now back at main route table, add tags
- add tag f5_cloud_failover_label with a custom value (ex. "mydeployment")
- add tag f5_cloud_failover_nic_map with a value that matches on both BIG-IPs (ex. "external")
- *example, your values might be different if you customized
- Associate new route table with your subnet(s)
You might ask what is the IP address for step #5. This depends on your setup. In a one-arm setup, the F5 only has one way in/out. It's that self IP of the active unit. If you are in a two-arm setup and participating in an external and internal link, then your next hop will be either the external self IP or the internal self IP. Again, depends on your design and routing.