Forum Discussion

Philip_Jonsson_'s avatar
Philip_Jonsson_
Icon for Altostratus rankAltostratus
Mar 09, 2013

Send the ServerIP instead of F5 IP

Hi,

 

 

I'm new to F5 and I just wonder if it's possible to send the IP of a Virtual Server instead of using the IP of the F5. If there is, how do I configure it?

 

I understand that there could be issues with assymetric routing but I just wonder if it's possible.

 

 

Best regards,

 

Philip

 

1 Reply

  • I just wonder if it's possible to send the IP of a Virtual Server instead of using the IP of the F5. If there is, how do I configure it?you mean source ip when connects to pool member (server), don't you? if so, yes you can configure snatpool under virtual server setting.

     snat automap
    
    [root@ve10:Active] config  b virtual bar list
    virtual bar {
       snat automap
       pool foo
       destination 172.28.19.252:80
       ip protocol 6
    }
    [root@ve10:Active] config  b pool foo list
    pool foo {
       members 200.200.200.101:80 {}
    }
    [root@ve10:Active] config  b self 200.200.200.10 list
    self 200.200.200.10 {
       netmask 255.255.255.0
       vlan internal
       allow default
    }
    
     (1)-(4) is client side connection (between client and bigip). (5)-(7) is server side connection (between bigip and pool member)
    
    [root@ve10:Active] config  tcpdump -nni 0.0 port 80
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on 0.0, link-type EN10MB (Ethernet), capture size 108 bytes
    (1) 15:51:10.979030 IP 172.28.20.120.38514 > 172.28.19.252.80: S 271636400:271636400(0) win 14600 
    (2) 15:51:10.979118 IP 172.28.19.252.80 > 172.28.20.120.38514: S 3382465872:3382465872(0) ack 271636401 win 4380 
    (3) 15:51:10.981157 IP 172.28.20.120.38514 > 172.28.19.252.80: . ack 1 win 115 
    (4) 15:51:10.981335 IP 172.28.20.120.38514 > 172.28.19.252.80: P 1:157(156) ack 1 win 115 
    (5) 15:51:10.982017 IP 200.200.200.10.38514 > 200.200.200.101.80: S 1639408811:1639408811(0) win 4380 
    (6) 15:51:10.983020 IP 200.200.200.101.80 > 200.200.200.10.38514: S 2068999966:2068999966(0) ack 1639408812 win 5792 
    (7) 15:51:10.983038 IP 200.200.200.10.38514 > 200.200.200.101.80: . ack 1 win 4380 
    
     snatpool
    
    [root@ve10:Active] config  b virtual bar list
    virtual bar {
       snatpool snat_vip
       pool foo
       destination 172.28.19.252:80
       ip protocol 6
    }
    [root@ve10:Active] config  b snatpool snat_vip list
    snatpool snat_vip {
       members 172.28.19.252
    }
    
     (1)-(4) is client side connection (between client and bigip). (5)-(7) is server side connection (between bigip and pool member)
    
    [root@ve10:Active] config  tcpdump -nni 0.0 port 80
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on 0.0, link-type EN10MB (Ethernet), capture size 108 bytes
    (1) 15:55:47.777277 IP 172.28.20.120.41339 > 172.28.19.252.80: S 2675007677:2675007677(0) win 14600 
    (2) 15:55:47.777313 IP 172.28.19.252.80 > 172.28.20.120.41339: S 1534200253:1534200253(0) ack 2675007678 win 4380 
    (3) 15:55:47.781289 IP 172.28.20.120.41339 > 172.28.19.252.80: . ack 1 win 115 
    (4) 15:55:47.781330 IP 172.28.19.252.41339 > 200.200.200.101.80: S 878420068:878420068(0) win 4380 
    (5) 15:55:47.781337 IP 172.28.20.120.41339 > 172.28.19.252.80: P 1:157(156) ack 1 win 115 
    (6) 15:55:47.782066 IP 200.200.200.101.80 > 172.28.19.252.41339: S 2331318016:2331318016(0) ack 878420069 win 5792 
    (7) 15:55:47.782150 IP 172.28.19.252.41339 > 200.200.200.101.80: . ack 1 win 4380