f5 big-ip ltm
8 TopicsF5 - Npath routing
Hi, I'm trying to setup Npath routing by the book: http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm_implementation/sol_npath.html However there are some issues and doubts about this configuration. First of all, everything is on the same network: Client IP: 10.233.203.222 Load Balancer F5 Big-IP (version 10.2.1) Virtual IP: 10.233.203.218 Pool members: 10.233.203.216 and 10.233.203.217 Route table in each pool member: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 10.233.203.129 0.0.0.0 UG 0 0 0 eth0 10.233.203.0 * 255.255.255.0 U 0 0 0 eth0 link-local * 255.255.0.0 U 1002 0 0 eth0 As described in documentation I added Virtual Server IP in loopback interface using the following command: ip addr add 10.233.203.218 label lo:0 dev lo scope global I'm not a network specialist but I would like to understand the flow between request and response using Npath. Some doubts: - What's the role of VIP in loopback interface? - Why even LB down I'm able to ping 10.233.203.218 (VIP) from outside? Is it not supposed loopback does not accept traffic from outside? - Because everything is on the same network make sense to use Npath? - Even with Npath how can I control the outbound traffic if node, LB and server are in the same network: 10.233.203.X? I do not understand well the entire flow: CLIENT -> LB -> SERVER1 OR SERVER2 -> LB -> CLIENT or using Npath: CLIENT -> LB -> SERVER1 or SERVER 2-> CLIENT Thanks for you support Mac699Views0likes7CommentsClient receive socket error
Hi all, we have just finish the F5 VE setup and starting with the 1st tesing and we encounter socket error on the client side We were able to telnet the VS IP & Port from the client. I have capture the tcpdump between client to F5 and trying to understand the handshake part.. would anyone be able to advise ? Note: I have replace the Source IP = Source IP and Virtual Server IP = VS Tcp dump Client to F5 02:04:33.637019 IP SourceIP.61406 > VS.10443: S 393854717:393854717(0) win 8192 02:04:33.637120 IP VS.10443 > SourceIP.61406: S 1243836893:1243836893(0) ack 393854718 win 4380 02:04:33.639949 IP SourceIP.61406 > VS.10443: . ack 1 win 64240 02:04:33.645381 IP SourceIP.61406 > VS.10443: P 1:53(52) ack 1 win 64240 02:04:33.645436 IP VS.10443 > SourceIP.61406: P 1:803(802) ack 53 win 4380 02:04:33.658065 IP SourceIP.61406 > VS.10443: P 53:192(139) ack 803 win 63438 02:04:33.659210 IP VS.10443 > SourceIP.61406: . ack 192 win 4571 02:04:33.665987 IP SourceIP.61406 > VS.10443: P 192:198(6) ack 803 win 63438 02:04:33.666001 IP VS.10443 > SourceIP.61406: . ack 198 win 4577 02:04:33.675939 IP SourceIP.61406 > VS.10443: P 198:243(45) ack 803 win 63438 02:04:33.675991 IP VS.10443 > SourceIP.61406: . ack 243 win 4622 02:04:33.676781 IP VS.10443 > SourceIP.61406: P 803:809(6) ack 243 win 4622 02:04:33.676806 IP VS.10443 > SourceIP.61406: P 809:854(45) ack 243 win 4622 02:04:33.679213 IP SourceIP.61406 > VS.10443: . ack 854 win 63387 02:04:33.713061 IP SourceIP.61406 > VS.10443: P 243:456(213) ack 854 win 63387 02:04:33.713075 IP VS.10443 > SourceIP.61406: . ack 456 win 4835 02:04:38.637618 arp who-has VS tell 10.8.227.254 02:04:38.637648 arp reply VS is-at 00:50:56:84:0f:50 (oui Unknown) 02:04:45.675974 IP VS.10443 > SourceIP.61406: R 854:854(0) ack 456 win 4835 02:21:14.284465 arp who-has VS tell 10.8.227.254 02:21:14.284497 arp reply VS is-at 00:50:56:84:0f:50 (oui Unknown) 02:21:14.286888 IP SourceIP.61572 > VS.amanda: S 1407086659:1407086659(0) win 8192 02:21:14.287072 IP VS.amanda > SourceIP.61572: S 3400928483:3400928483(0) ack 1407086660 win 4380 02:21:14.297839 IP SourceIP.61572 > VS.amanda: . ack 1 win 64240 02:21:14.354429 IP SourceIP.61572 > VS.amanda: P 1:185(184) ack 1 win 64240 02:21:14.354708 IP VS.amanda > SourceIP.61572: . ack 185 win 4564 02:21:26.354475 IP VS.amanda > SourceIP.61572: R 1:1(0) ack 185 win 4564 02:21:44.002801 IP SourceIP.61573 > VS.amanda: S 2339575959:2339575959(0) win 8192 02:21:44.002899 IP VS.amanda > SourceIP.61573: S 939635479:939635479(0) ack 2339575960 win 4380 02:21:44.006175 IP SourceIP.61573 > VS.amanda: . ack 1 win 64240 02:21:44.072147 IP SourceIP.61573 > VS.amanda: P 1:185(184) ack 1 win 64240 02:21:44.072500 IP VS.amanda > SourceIP.61573: . ack 185 win 4564 02:21:49.002935 arp who-has VS tell 10.8.227.254 02:21:49.002970 arp reply VS is-at 00:50:56:84:0f:50 (oui Unknown) 02:21:56.071802 IP VS.amanda > SourceIP.61573: R 1:1(0) ack 185 win 4564 02:22:00.817201 IP SourceIP.61574 > VS.kamanda: S 1234005134:1234005134(0) win 8192 02:22:00.817378 IP VS.kamanda > SourceIP.61574: S 510475054:510475054(0) ack 1234005135 win 4380 02:22:00.820048 IP SourceIP.61574 > VS.kamanda: . ack 1 win 64240 02:22:00.859254 IP SourceIP.61574 > VS.kamanda: P 1:185(184) ack 1 win 64240 02:22:00.859539 IP VS.kamanda > SourceIP.61574: . ack 185 win 4564 02:22:12.858954 IP VS.kamanda > SourceIP.61574: R 1:1(0) ack 185 win 4564617Views0likes14CommentsVirtual Sever Subnet
Hi, I have a subnet of /25 rang for selecting VIP's, So now my question is can I use all 128 IP's (0 - 127 ) for creating Virtual server or only 126 IP's excluding Network ID & Broadcast address. I am assuming each virtual server is /32 and all IP's can be used from the subnet. Please correct me If I am wrong. Regards, Praveen252Views0likes1CommentDeploying LTM and integrating with BGP
Hi all I have a client who has 2x LTM. They want to deploy one per DC. I have two concerns: One: the hearthbeat that indicates and facilitate the failover is communicated over layer 2; does this mean that the two LTMs cannot sync configs and be deployed in a HA active/passive scenario? Two: if a backend server goes down in DC one, can the LTM route the traffic to the mirror server is DC2? I guess this links into the first question in terms of the two devices having visibility of what the other one is doing? The easy option is for the client to buy 2x advanced routing license and 2x GTM add-on but I am curious to know if there is a work around i.e. not buying any additional software licenses or just buying the advanced routing license. Any help you can offer to assist with this deployment would be greatly apprecaited. BR Adel238Views0likes1CommentSharepoint 2007 Health Monitor
Need help setting up health monitor for website running on sharepoint 2007 server with LTM 11.6 for LB. I tried setting up external monitor but the monitor is showing up in drop down menu when try to setup external monitor. Also failing NTLM auth when using curl for testing.231Views0likes0CommentsUsing source address affinity persistence, but exluding certain IP addresses
Hi, I would like to use source address affinity persistence, except for a few known IP addresses for which I do not want to use any session persistence at all (for stress testing the cluster, etc). Can I configure this without having to re-implement source address affinity persistence with an iRule?227Views0likes2CommentsClient receive socket error
Hi all, we have just finish the F5 VE setup and starting with the 1st tesing and we encounter socket error on the client side We were able to telnet the VS IP & Port from the client. I have capture the tcpdump between client to F5 and trying to understand the handshake part.. would anyone be able to advise ? Note: I have replace the Source IP = Source IP and Virtual Server IP = VS Tcp dump Client to F5 02:04:33.637019 IP SourceIP.61406 > VS.10443: S 393854717:393854717(0) win 8192 02:04:33.637120 IP VS.10443 > SourceIP.61406: S 1243836893:1243836893(0) ack 393854718 win 4380 02:04:33.639949 IP SourceIP.61406 > VS.10443: . ack 1 win 64240 02:04:33.645381 IP SourceIP.61406 > VS.10443: P 1:53(52) ack 1 win 64240 02:04:33.645436 IP VS.10443 > SourceIP.61406: P 1:803(802) ack 53 win 4380 02:04:33.658065 IP SourceIP.61406 > VS.10443: P 53:192(139) ack 803 win 63438 02:04:33.659210 IP VS.10443 > SourceIP.61406: . ack 192 win 4571 02:04:33.665987 IP SourceIP.61406 > VS.10443: P 192:198(6) ack 803 win 63438 02:04:33.666001 IP VS.10443 > SourceIP.61406: . ack 198 win 4577 02:04:33.675939 IP SourceIP.61406 > VS.10443: P 198:243(45) ack 803 win 63438 02:04:33.675991 IP VS.10443 > SourceIP.61406: . ack 243 win 4622 02:04:33.676781 IP VS.10443 > SourceIP.61406: P 803:809(6) ack 243 win 4622 02:04:33.676806 IP VS.10443 > SourceIP.61406: P 809:854(45) ack 243 win 4622 02:04:33.679213 IP SourceIP.61406 > VS.10443: . ack 854 win 63387 02:04:33.713061 IP SourceIP.61406 > VS.10443: P 243:456(213) ack 854 win 63387 02:04:33.713075 IP VS.10443 > SourceIP.61406: . ack 456 win 4835 02:04:38.637618 arp who-has VS tell 10.8.227.254 02:04:38.637648 arp reply VS is-at 00:50:56:84:0f:50 (oui Unknown) 02:04:45.675974 IP VS.10443 > SourceIP.61406: R 854:854(0) ack 456 win 4835 02:21:14.284465 arp who-has VS tell 10.8.227.254 02:21:14.284497 arp reply VS is-at 00:50:56:84:0f:50 (oui Unknown) 02:21:14.286888 IP SourceIP.61572 > VS.amanda: S 1407086659:1407086659(0) win 8192 02:21:14.287072 IP VS.amanda > SourceIP.61572: S 3400928483:3400928483(0) ack 1407086660 win 4380 02:21:14.297839 IP SourceIP.61572 > VS.amanda: . ack 1 win 64240 02:21:14.354429 IP SourceIP.61572 > VS.amanda: P 1:185(184) ack 1 win 64240 02:21:14.354708 IP VS.amanda > SourceIP.61572: . ack 185 win 4564 02:21:26.354475 IP VS.amanda > SourceIP.61572: R 1:1(0) ack 185 win 4564 02:21:44.002801 IP SourceIP.61573 > VS.amanda: S 2339575959:2339575959(0) win 8192 02:21:44.002899 IP VS.amanda > SourceIP.61573: S 939635479:939635479(0) ack 2339575960 win 4380 02:21:44.006175 IP SourceIP.61573 > VS.amanda: . ack 1 win 64240 02:21:44.072147 IP SourceIP.61573 > VS.amanda: P 1:185(184) ack 1 win 64240 02:21:44.072500 IP VS.amanda > SourceIP.61573: . ack 185 win 4564 02:21:49.002935 arp who-has VS tell 10.8.227.254 02:21:49.002970 arp reply VS is-at 00:50:56:84:0f:50 (oui Unknown) 02:21:56.071802 IP VS.amanda > SourceIP.61573: R 1:1(0) ack 185 win 4564 02:22:00.817201 IP SourceIP.61574 > VS.kamanda: S 1234005134:1234005134(0) win 8192 02:22:00.817378 IP VS.kamanda > SourceIP.61574: S 510475054:510475054(0) ack 1234005135 win 4380 02:22:00.820048 IP SourceIP.61574 > VS.kamanda: . ack 1 win 64240 02:22:00.859254 IP SourceIP.61574 > VS.kamanda: P 1:185(184) ack 1 win 64240 02:22:00.859539 IP VS.kamanda > SourceIP.61574: . ack 185 win 4564 02:22:12.858954 IP VS.kamanda > SourceIP.61574: R 1:1(0) ack 185 win 4564205Views0likes0CommentsHas anyone ever setup the Panopto Lecture Cast application with the LTM?
We are attempting to setup the Panopto (http://www.panopto.com/) application in out dev/test area. I am familiar with setting up the normal web server but I am not familiar with setting up the Live Streaming/Real Time Streaming virtual servers. I am currently load balancing all of the HTTP/HTTPS traffic but none of the streaming media traffic. Can anyone give me a best practices for setting up the F5 LTM (v11.4) to support streaming with Microsoft streaming media services? The vendor support for the application stated they had "very few" clients doing this and they don't have much information on the setup. Our application servers do not use the F5 as their DFG. So we will have to SNAT everything. Ports in use by the application: Port 80 - Web traffic Port 8080 - Alternate Web traffic. Required for viewing recorded content. Port 1755 - Live Streaming/Broadcast Port 554 - Real Time Streaming Content (RTSP) Port 443 - SSL (optional) Basic application diagrams from the vendor: http://support.panopto.com/documentation/admin-and-setup/how-panopto-works/panopto-deployed/panopto-server-architecture-lan-0 http://support.panopto.com/documentation/admin-and-setup/how-panopto-works/panopto-hosted/panopto-hosted-architecture Any and all help is appreciated. Thank you, Adam186Views0likes0Comments