Forum Discussion

Cirrus

Apr 10, 2017

Solved

After adding VLAN's or SELF IP all goes red

My network setup: Webserver address: PV01 - 192.168.10.57 PV02 - 192.168.10.58 Virtual IPs I would like to use ACD-PV01-VS-http 192.168.10.149 ACD-PV01-VS-https 192.168.10.159 ...

application delivery

LTM

Kevin_Davies_40
Apr 11, 2017
Webserver address: PV01 - 192.168.10.57 PV02 - 192.168.10.58

What ports?

Virtual IPs I would like to use ACD-PV01-VS-http 192.168.10.149 ACD-PV01-VS-https 192.168.10.159

You dont need the second as they are on different ports so you can just have them on port 80 and 443 on the same IP address.

Management IP 192.168.110.147

Yes thats good.

Self IP's? These attach your BIGIP to the network at layer 3
VLAN's? These attached your BIGIP to the network at layer 2
Interfaces? These are your physical links for layer 1

Procedure

Create VLAN using interface 1.1 (untagged if no VLAN)
Create Self IP on new VLAN 192.168.10.10 (if not in use)

Create pool pool_webserver with the following new members

Name PV01 Address 192.168.10.57 Port ??

Name PV02 Address 192.168.10.58 Port ??

Create Virtual Server vs_webserver_443

Address 192.168.10.159 port 443

HTTP Profile: http

SSL Profile (Client) - clientssl

if PV01/02 are HTTPS then SSL Profile (Server) - serverssl

Source Address Translation - Automap

Default Persistence Profile: Cookie

Pool pool_webserver

Create Virtual Server vs_webserver_80

Address 192.168.10.159 port 80

HTTP Profile: http

iRules _sys_https_redirect

That should get you up and running but like the man said, do some training. You need to have a better idea of how all this works 🙂

Kevin_Davies_40

Nacreous

Apr 11, 2017

Webserver address:
PV01 - 192.168.10.57
PV02 - 192.168.10.58

What ports?

Virtual IPs I would like to use
ACD-PV01-VS-http 192.168.10.149
ACD-PV01-VS-https 192.168.10.159

You dont need the second as they are on different ports so you can just have them on port 80 and 443 on the same IP address.

Management IP 192.168.110.147

Yes thats good.

Self IP's? These attach your BIGIP to the network at layer 3
VLAN's? These attached your BIGIP to the network at layer 2
Interfaces? These are your physical links for layer 1

Procedure

Create VLAN using interface 1.1 (untagged if no VLAN)
Create Self IP on new VLAN 192.168.10.10 (if not in use)
Create pool pool_webserver with the following new members

Name PV01 Address 192.168.10.57 Port ??

Name PV02 Address 192.168.10.58 Port ??
Create Virtual Server vs_webserver_443

Address 192.168.10.159 port 443

HTTP Profile: http

SSL Profile (Client) - clientssl

if PV01/02 are HTTPS then SSL Profile (Server) - serverssl

Source Address Translation - Automap

Default Persistence Profile: Cookie

Pool pool_webserver
Create Virtual Server vs_webserver_80

Address 192.168.10.159 port 80

HTTP Profile: http

iRules _sys_https_redirect

That should get you up and running but like the man said, do some training. You need to have a better idea of how all this works 🙂

Kevin_Davies_40
Nacreous
Apr 11, 2017
This configuration will result in requests to http will be redirected to https
Anthony_Fornito
Cirrus
Apr 11, 2017
Following your steps everything will look fine until I add the self_ips

I can add the nodes, pools, virtual servers, and vlans.

Each nodes, pools, virtual servers will be green as soon as I add the self-ip they all go red.

I did sign up for CBTNuggets last night and watch the first 9 vids up the creating the pools and members, our network here is very similar to the lab environment.

In my lab using vmware workstation i was able to following the instructions using 11.0 our system is 12.1.2 is there a big different there?

Going into the CLI of the Bip IP I cannot ping 192.168.10.57 or 58

If i try to cURL couldn't connect to host.

I reset the F5 back to factory setting setup only the VLAN< Nodes, Pool, Virtual Servers,

No SELF-IP

I can ping and curl 192.168.10.57 and .58

It seems as soon as I add the Self_IPs I cannot delete them unless I delete everything that its tied to before just to start over.

What else can i check? Why is adding the self_ips throwing everything off?
Kevin_Davies_40
Nacreous
Apr 12, 2017
Sorry but you wont be able to do anything without a self IP. Please go to System Platform and tell me what the IP address and Netmask is.
Anthony_Fornito
Cirrus
Apr 12, 2017
Management Port Configuration: Manual

IP Address[/prefix]: 192.168.110.147

Network Mask: 255.255.255.0

Management Route: 192.168.110.1

Host Name: ACD-BIGIP.autoscribe.com

Host IP Address: Use Management Port IP Addresses

Time Zone: America/New York

No redundant Pair configured at the moment
Kevin_Davies_40
Nacreous
Apr 14, 2017
Thank you for that, now please give me the output of the following commands...

tmsh list net vlan tmsh list net selfip

What hypervisor are you using or is it a physical BIG-IP? Do you have the first two interfaces on separate virtual interfaces.
Anthony_Fornito
Cirrus
Apr 17, 2017
Thank you for all your help turned out to be a networking issue.

What was happening was we have a Meraki firewall, and it allows for multiple gateways, ie.

192.168.10.X -> 192.168.10.1

192.168.60.X -> 192.168.60.1

192.168.70.X -> 192.168.70.1

I am not sure if that is good or bad but i had to work around that.

Also I could not reconfigure the .10 network to make it work as draw out above so what I had to do was set the Self IP's to the .10 network and reconfigure all the web nodes to run on .70

Forum Discussion

After adding VLAN's or SELF IP all goes red

Recent Discussions

Find GSLB pool membership from vip IP

Pool Members communication with B-party via F5 VIP

Server 2 causing application slowness

F5Access | MacOS Sonoma

AS3 Deployments (shared objects)

Related Content

2 internal server vlans

Disable Inter-VLAN Routing?

VLAN Group and Asymmetric Deployment

Getting Started with BIG-IP Next: Adding Instances to Central Manager

adding pool members in cli