19-Mar-2015 11:01 - last edited on 05-Jun-2023 22:31 by JimmyPackets
I've created a BIG-IP Virtual Edition instance in Amazon EC2 using this tutorial.
I've followed this tutorial to configure the BIG-IP System as an MS SQL Database Proxy. There were a couple of things that I didn't get in the "Creating a database proxy virtual server" section:
Which IP address should I use in the destination field? The public IP, which I use to connect to the BIG-IP web UI?
Why does it say to set the service port to 1443, not 1433, which is the default for SQL Server?
For now I set the public IP and port 1443 and tried to verify the connection using a UDL file.
I have two DB nodes, and when I try to verify the connection directly to their IP addresses, the connection succeeds. But when I try the BIG-IP public IP, the connection fails with the following error message:
Test connection failed because of an error in initializing provider. [DBNETLIB][ConnectionOpen (Connect()).]SQL Server does not exist or access denied.
Both nodes are enabled and available in LTM (Local Traffic Manager).
Any ideas what I'm doing wrong?
19-Mar-2015 11:22
The IP in the Virtual Server destination field will be a private address from AWS on the "external" interface. You'll then assign an Elastic IP to that address if you need public access to the Virtual Server. The port you pick on the service port isn't important as long as the UDL file is configured to match. The UDL will need to specify the Elastic IP instead of the private address if you are connecting over the internet to the virtual server.
15-Apr-2015 07:30
I was able to view your qkview. Your node addresses appear to be public IPs. Depending on where your nodes live, maybe this should be the private addresses.
Notice that all of the BIG-IP configuration level addresses are private. There are no default routes configured on your BIG-IP, thus causing the 'no route to host' errors. You either need to use link-local pool member addresses (private) or provide a gateway to route traffic to the public addresses.
Do your pool members live in the same VPC as the BIG-IP?
22-Apr-2015 12:08
The pcap shows source 184.70.137.34 trying to hit 172.30.5.31 in the non-working case. I do also see working traffic (monitors) sourced from 172.30.5.95. To me this says your SNAT configuration (or lack thereof) is breaking the traffic. Consider enabling SNAT Automap on the virtual server.
https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-concepts-11-4-0/18.html