Forum Discussion

Jacqueline_Tadr's avatar
Jacqueline_Tadr
Icon for Altocumulus rankAltocumulus
Jul 28, 2021

reroute traffic to another VIP after passing to App Server in the back-end

I'm looking that explains how can I reroute traffic after coming from one VIP to the app servers to go back to a second VIP to load-balance between database servers. Do the latter need to be attached to the F5 like the app servers? Lastly but not least can we do this if we have LTM license only? Thanks

4 Replies

  • Hi Jacqueline,

     

    Yes, this won't be a problem with an LTM-only license.

    The F5 does not have to be directly connected to the database servers, but the F5 will need to be able to reach them. Also, the App servers do NOT need to be able to reach the database servers, they only need to be able to reach the F5.

     

    The best way to think of this, is by its connections. There are actually 4 connections involved;

    1. From Client to F5 (app-VS)
    2. From F5 to App servers
    3. From App server to F5 (db-VS)
    4. From F5 to DB servers

     

    So although the App server needs the database server to complete requests from the client, each connection is very much on its own and as long as each connection can reach its endpoint, it will work.

     

    You can create the second (db) virtual server with the db-pool and possibly enable SNAT Automap if the db servers don't have the F5 as their gateway. After that, configure the db-VS IP address in the App servers as their endpoint for database connections.

     

    Hope this helps.

  • Thanks much Alex,

    1, 2, and 4 are ok but 3 seems to be my problem.

    I'm assuming the 3rd step is to configure something o the app servers who are on the back-end of the F5. Is there anything to configured on the F5 that will allow traffic to route back from the app server to the 2nd vip or this is route setup on the app server?

     

    • AlexBCT's avatar
      AlexBCT
      Icon for Cumulonimbus rankCumulonimbus

      >> I'm assuming the 3rd step is to configure something o the app servers who are on the back-end of the F5. 

       

      Correct, it will be somewhere in the App servers that you configure the IP for the db-VS.

       

      >> Is there anything to configured on the F5 that will allow traffic to route back from the app server to the 2nd vip or this is route setup on the app server?

       

      That should indeed be on the app server as well - the app servers need to know how to reach the db-VS - they don't need to know how to reach the actual DB servers.