cancel
Showing results for 
Search instead for 
Did you mean: 

Load Balancing Outbound traffic between ISP Links with Big-IP LTM. HOW ?

f5-nube
Altostratus
Altostratus

Hello everyone,

We're working on replacement of a Peplink Balance 580 with an F5 Big-ip (LTM+DNS) and we want to use it to balance outbound traffic between 3 ISP links.

In the peplink we had the ability to control traffic based on source and destination IPs or even URLs (eg: youtube traffic goes through link 1 and traffic destined to a certain ip goes through link 2 unless link 2 is down, then it goes through link 1)

Can we impelement a similar configuration using big ip (LTM+DNS)? I know that big ip Link Controller was intended for this kind of scenario but have any of you worked on balacing outbound traffic using LTM ?

Your help will be much appreciated.

 

7 REPLIES 7

PeteWhite
F5 Employee
F5 Employee

So the general concept is that you have a forwarding virtual server ( this means it doesn't change the destination address or port ) and use a pool containing the routers for the different links. To start with, allow it to loadbalance over those links to see how it works and then try using different load balancing algorithms on the pool configuration. If you want to use your own loadbalancing scheme such as URL based then you can do that with LTM Traffic Policies or iRules but you will have to then change your virtual server setup.

boneyard
MVP
MVP

did you get this worked out f5-nube? in principal Pete's reply is what you need, if you can't get it to work then please share some cleaned up config and people will probably be able to assist easier.

f5-nube
Altostratus
Altostratus

Hello Everyone,

 

Sorry for the late Feedback

I've tried to use the IP Forwarding Virtual Server, but this Type of VS doesn't take Pools in the configuration so i had to configure a default route where my gateway is the pool of routers, also the Forwarding IP VS doesn't allow you to associate LTM traffic policies but only iRules.

One more thing, In this type of configuration all traffic going through Bigip gets SNATed. which is not what we want in our case of deployment since some servers on the inside need to be seen with there public ip NATed at the Firewall level. I tried to use a Layer 2 Forwarding VS and put ports 1:0 and 2:0 in the same VLAN Group. but then traffic just totaly bypasses the Bigip and i have no control over which ISP link it'll go through.

I'll try to explain want we want to do below.

 

0691T00000C1dPyQAJ.png 

We wanf to forward traffic if we choose to go through ISP-1 or ISP-2 (No source address change).

and if we want it to go throught the FTTH link then it get SNATed.

Is there a way to implement this in the network diagram above with a Bigip LTM ?

I apologize if i'm not clear with the explenation. i'm here to provide any more derails.

 

Thank you all.

 

you could you a performance layer 4 virtual server if you want to use a pool. it will also enable local traffic policies. with IP forwarding you indeed need routes and just iRules.

 

the SNAT behaviour depends on the "Source Address Translation" setting. if this happens for traffic going in you might want to only enable it on the outgoing VLAN interface.

 

to enable it for some, but not on others you will need an iRule or perhaps LTP, something to try out.

I tried the performance layer 4 virtual server with a pool that containes my routers to ISPs , however when i try to access the internet with the F5 as my gateway, i get redirected to the router's login page. as if the router is treated like a web server .

Set translate address and translate port to disabled on the virtual server

did that work out for you f5-nube?