15-Nov-2023 00:21
Hi all - I have deployed a single-NIC F5 in GCP.
It has a primary internal IP - 10.10.10.x - and an external IP - 25.25.25.25 - that has a DNS record.
Question - how do I create a second VIP for a second DNS record?
Example - I get a DNS name abc.com - IP = 25.25.25.26.
How would I create a second virtual server, as I cannot allocate a second IP to the F5? Please help.
Thanks
15-Nov-2023 11:49
Self IPs are actual IP addresses that are assigned to TMM and the Linux control plane.
Virtual IPs (and their associated Virtual Addresses) are TMM configuration objects that tell TMM how to handle ARP requests and new incoming network flows. This post talks about this in more detail:
https://community.f5.com/t5/technical-forum/self-ip-and-virtual-ip/td-p/139641
15-Nov-2023 13:37
Thanks for the response - but my question is regarding the capability -
meaning - is it possible to have multiple IPs on the F5 in GCP?
15-Nov-2023 17:18
You can assign additional alias IPs (a /32 or a subnet) to the single NIC in GCP, and then create virtual servers that listen for these IPs on the F5 device.
Best Regards
15-Nov-2023 18:08
Thanks - yep - that I can do - I can add an alias range of 10.10.10.20/32 as an alias IP and create a port 443 VIP - the second part is connecting externally -
as the device has 1 external IP - 25.25.25.25 - if my second DNS name resolves to 25.25.25.26, how would I get that traffic to the F5?
Thanks
15-Nov-2023 23:24
Good point. If no external firewall is found in front of the F5, you can use a forwarding rule instead of the alias IP.
https://cloud.google.com/load-balancing/docs/protocol-forwarding
The forwarding rule will listen for the second public IP and point the traffic to the F5 Compute Engine instance (VM). On the F5 device you should create a second virtual server with the destination IP of the GCP public IP address.
Let me know if it works for you.
Best Regards,
16-Nov-2023 22:44
Btw, if the traffic is HTTP/S, you can serve multiple hostnames using one LTM virtual server.
You can use a traffic policy or iRules to read the Host request header and route to specific pools.
It's usually called the virtual host method in web servers.
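The virtual host method described in the post above, sketched as an iRule. This is an added example, not part of the original thread: the second hostname and both pool names are hypothetical, and it assumes the virtual server has an HTTP profile and, for HTTPS, a client SSL profile with certificates covering every hostname so the Host header can be read. Unknown hostnames are refused rather than falling through to a default pool.

```tcl
# Added example: hostnames other than abc.com and all pool names are assumed.
when HTTP_REQUEST {
    # The Host header may carry a port ("abc.com:443") and mixed case,
    # so strip the port and lowercase before matching.
    set host [string tolower [getfield [HTTP::host] ":" 1]]

    # Note: comments must stay inside the bodies; a "#" line between
    # pattern/body pairs would be parsed by switch as a pattern.
    switch -- $host {
        "abc.com" -
        "www.abc.com" {
            # Hypothetical pool for the first site
            pool pool_abc
        }
        "second.example" {
            # Hypothetical pool for the second site
            pool pool_second
        }
        default {
            # Missing or unexpected Host: do not route it to any backend.
            log local0.warn "Unmatched Host from [IP::client_addr]"
            HTTP::respond 421 content "Misdirected Request" "Connection" "close"
        }
    }
}
```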
17-Nov-2023 01:34
Hi,
So to me this is a question of network ranges.
So you have an external IP 25.25.25.25 and you want to have a second IP, say 25.25.25.26. Now if these are just /32 addresses, these will need to be on different interfaces on your external firewall.
Or these will need to be in the same wider subnet, so a /24 or /27 or something like that. So one physical interface can have 2 IPs with the same gateway.
Now with that in mind, on the F5 the same will need to occur. If your first VIP is, say, 10.10.10.11, it should be in the same subnet as at least a self IP and its gateway, so it should be in a /29 or higher network, which would give you a second IP, say 10.10.10.12, so this address will actually be 10.10.10.12/29 to use for your second VIP. Make the network address wider on your external edge and you can have more VIPs / IPs! If you add a cluster you'll need an additional self IP for each BIG-IP in that cluster.
Once you have the suitable network ranges for this to work, you then just need to map your NAT rules from external to internal and you should be ready to rock!
If you can only have one internal IP, you could always have two external IPs, say on port 443,
and use the external firewall to NAT them to different ports.
So something like:
ExtIP01:443 => IntIP01:3001
ExtIP02:443 => IntIP01:3002
Which, depending on the constraints in your system, may give you a little more flexibility.