Load Balancing Outbound traffic between ISP Links with Big-IP LTM. HOW ?
Hello everyone, We're working on replacement of a Peplink Balance 580 with an F5 Big-ip (LTM+DNS) and we want to use it to balance outbound traffic between 3 ISP links. In the peplink we had the ability to control traffic based on source and destination IPs or even URLs (eg: youtube traffic goes through link 1 and traffic destined to a certain ip goes through link 2 unless link 2 is down, then it goes through link 1) Can we impelement a similar configuration using big ip (LTM+DNS)? I know that big ip Link Controller was intended for this kind of scenario but have any of you worked on balacing outbound traffic using LTM ? Your help will be much appreciated.
SMTP Load Balancing without SNAT Outbound traffic problems
Hello, I’m sorry because this is an issue that it has been reviewed in the forum, but in our case it doesn’t work and we don`t know what is the problem. We have two STMP VLANs, internal (192.168.26.0/24) and external (192.168.227.0/24). In the external we have a standard virtual server (192.168.227.11) with a SMTP pool with two servers in the internal VLAN (192.168.26.11 and 192.168.26.12). We have SNAT Automap disable because we want to keep the original source IP, so SMTP servers have its default gateway on F5 (192.168.26.1). This works OK. The problem is about outbound traffic. For example, when SMTP server tries to send outbound traffic to Internet or Exchange servers, through F5, it doesn’t work. We know internal servers can reach F5 SMTP internal floating ip (192.168.26.1) by ping, but it seems it doesn´t know what to do with traffic originated on SMTP servers, or where to send it. It also happens with any connection started in the server. We have tried to configure a 0.0.0.0/0.0.0.0:any virtual server forwarding IP enabled on internal VLAN but it doesn’t work. Traffic reaches F5 (we show IN traffic statistics), but doesn’t continue to the external VLAN. We have also tried with a default route too (0.0.0.0/0 -> 192.168.227.1), but it doesn´t work. Could you help us? Thank you very much!
Outbound iRule / BGP routing
Hey sirs, I would like to ask a question about the order of precedence/execute of a connection that consumes a forwarding virtual server/routing table. Currently, we have a forwarding any:0 virtual server, which load balances internet outgoing traffic through a pool_default_gateway that has the IP of 3 routers from different ISP associated with it, including some irules that make the SNAT decision based on LAN-segment. We are planning to include the F5 pair in the BGP neighbors of each ASN ISP and receive the default route and advertise the Virtual Server public IP. Does anyone know if the F5 when reads the dynamic routing table obtained via BGP, the traffic that is handled by the virtual servers of forwarding any:0, including those that are manipulated via iRule can show any kind of intermittence? thanks in advanceForward SSL proxy or Proxy SSL ?
Hi We want to create new Virtual server wildcard Outbound with standard type and port 443. The thing is we want to decrypt to inspect and modify some http header of some host too. example. If we access ";, F5 should perform irule and send it to pool A but if other user access ";, F5 should do nothing and send traffic normally. What need to do between Forward SSL proxy and Proxy SSL? Is both an additional license? Thank you