Forum Discussion

Anthony_Fornito's avatar
Anthony_Fornito
Icon for Cirrus rankCirrus
Apr 10, 2017
Solved

After adding VLAN's or SELF IP all goes red

My network setup:

 

Webserver address:

 

  • PV01 - 192.168.10.57
  • PV02 - 192.168.10.58

Virtual IPs I would like to use

 

  • ACD-PV01-VS-http 192.168.10.149
  • ACD-PV01-VS-https 192.168.10.159

Management IP 192.168.110.147

 

When I create my Nodes, Pools and Virtual Servers all are Green

 

When I add the VLAN Group and Self IP all go Red

 

This is a fresh deployment what am I not doing correct?

 

VLAN Groups Setting:

 

  • NamePV01-VLANG-01
  • Partition / PathCommon
  • VLANs -- Two Choices I have tried both and none doesn't make a difference
    • http-tunnel
    • socks-tunnel
  • Transparency ModeTranslucent
  • Bridge All Traffic(UnChecked)
  • Bridge In Standby(UnChecked)
  • Migration Keepalive(UnChecked)
  • Auto Last HopDefault

Created 2 Self IP's one for each IP assinged to the Source Address of the Virtual Servers

 

  • NameACD-PV01-SIP-01 and ACD-PV01-SIP-02
  • Partition / PathCommon
  • IP Address192.168.10.149 and 192.168.10.159
  • Netmask255.255.255.0
  • VLAN / TunnelPV01-VLANG-01
  • Port LockdownAllow ALL
  • Traffic Group(UnChecked) Inherit traffic group from current partition / path
  • Service PolicyNone
application delivery
LTM
  • Kevin_Davies_40's avatar
    Kevin_Davies_40
    Apr 11, 2017
    Webserver address:
PV01 - 192.168.10.57
PV02 - 192.168.10.58

    What ports?

    Virtual IPs I would like to use
ACD-PV01-VS-http 192.168.10.149
ACD-PV01-VS-https 192.168.10.159

    You dont need the second as they are on different ports so you can just have them on port 80 and 443 on the same IP address.

    Management IP 192.168.110.147

    Yes thats good.

    • Self IP's? These attach your BIGIP to the network at layer 3
    • VLAN's? These attached your BIGIP to the network at layer 2
    • Interfaces? These are your physical links for layer 1

    Procedure

    1. Create VLAN using interface 1.1 (untagged if no VLAN)
    2. Create Self IP on new VLAN 192.168.10.10 (if not in use)

    3. Create pool pool_webserver with the following new members

      Name PV01 Address 192.168.10.57 Port ??

      Name PV02 Address 192.168.10.58 Port ??

    4. Create Virtual Server vs_webserver_443

      Address 192.168.10.159 port 443

      HTTP Profile: http

      SSL Profile (Client) - clientssl

      if PV01/02 are HTTPS then SSL Profile (Server) - serverssl

      Source Address Translation - Automap

      Default Persistence Profile: Cookie

      Pool pool_webserver

    5. Create Virtual Server vs_webserver_80

      Address 192.168.10.159 port 80

      HTTP Profile: http

      iRules _sys_https_redirect

    That should get you up and running but like the man said, do some training. You need to have a better idea of how all this works šŸ™‚

8 Replies

Sort By
  • Leonardo_Souza's avatar
    Leonardo_Souza
    Icon for Cirrocumulus rankCirrocumulus
    Apr 10, 2017

    You don't need vlan group, that is only used in very uncommon configurations.

     

    Is visible that you are new to F5 world. I would recommend you to watch the following WBT (Web Based Training):

     

    BIG-IP Local Traffic Manager (LTM) Essentials

     

    It will help you understand the basics about LTM. It is free, and you can access from website.

     

  • Kevin_Davies_40's avatar
    Kevin_Davies_40
    Icon for Nacreous rankNacreous
    Apr 11, 2017
    Webserver address:
PV01 - 192.168.10.57
PV02 - 192.168.10.58

    What ports?

    Virtual IPs I would like to use
ACD-PV01-VS-http 192.168.10.149
ACD-PV01-VS-https 192.168.10.159

    You dont need the second as they are on different ports so you can just have them on port 80 and 443 on the same IP address.

    Management IP 192.168.110.147

    Yes thats good.

    • Self IP's? These attach your BIGIP to the network at layer 3
    • VLAN's? These attached your BIGIP to the network at layer 2
    • Interfaces? These are your physical links for layer 1

    Procedure

    1. Create VLAN using interface 1.1 (untagged if no VLAN)
    2. Create Self IP on new VLAN 192.168.10.10 (if not in use)

    3. Create pool pool_webserver with the following new members

      Name PV01 Address 192.168.10.57 Port ??

      Name PV02 Address 192.168.10.58 Port ??

    4. Create Virtual Server vs_webserver_443

      Address 192.168.10.159 port 443

      HTTP Profile: http

      SSL Profile (Client) - clientssl

      if PV01/02 are HTTPS then SSL Profile (Server) - serverssl

      Source Address Translation - Automap

      Default Persistence Profile: Cookie

      Pool pool_webserver

    5. Create Virtual Server vs_webserver_80

      Address 192.168.10.159 port 80

      HTTP Profile: http

      iRules _sys_https_redirect

    That should get you up and running but like the man said, do some training. You need to have a better idea of how all this works šŸ™‚

    • Anthony_Fornito's avatar
      Anthony_Fornito
      Icon for Cirrus rankCirrus
      Apr 11, 2017

      Following your steps everything will look fine until I add the self_ips

       

      I can add the nodes, pools, virtual servers, and vlans.

       

      Each nodes, pools, virtual servers will be green as soon as I add the self-ip they all go red.

       

      I did sign up for CBTNuggets last night and watch the first 9 vids up the creating the pools and members, our network here is very similar to the lab environment.

       

      In my lab using vmware workstation i was able to following the instructions using 11.0 our system is 12.1.2 is there a big different there?

       

      Going into the CLI of the Bip IP I cannot ping 192.168.10.57 or 58

       

      If i try to cURL couldn't connect to host.

       

      I reset the F5 back to factory setting setup only the VLAN< Nodes, Pool, Virtual Servers,

       

      No SELF-IP

       

      I can ping and curl 192.168.10.57 and .58

       

      It seems as soon as I add the Self_IPs I cannot delete them unless I delete everything that its tied to before just to start over.

       

      What else can i check? Why is adding the self_ips throwing everything off?

       

    • Kevin_Davies_40's avatar
      Kevin_Davies_40
      Icon for Nacreous rankNacreous
      Apr 12, 2017

      Sorry but you wont be able to do anything without a self IP. Please go to System Platform and tell me what the IP address and Netmask is.