Forum Discussion
Hamish
Aug 02, 2012Cirrocumulus
Assuming you're doing this with the netscalars inline, you should be able to treat them as a transparent device. Like the way a firewall sandwhich was configured, except you're doing it with netscalars instead. SO traffic flow would be
(Lets see how the ascii art comes out)
--- netscalar 1 ------------------- netscalar 2 ---
bigip1 --- --- bigip2
--- netscalar 3 ------------------- netscalar 4 ---
So assuming that netscalars all have IP addresses facing the bigip, you'd configure a pool containing the local addresses on each bigip. Then put a network VS in place that uses that pool... The traffic TO the subnet in the network VS will then be sent via the pool. As long as the return traffic passes BACk via the same F5 (And same interface on the F5), then the connection table will look after making sure it's returned to the correct netscalar.
the monitor is created as a TRANSPARENT monitor. You nominate a target IP address in the montior and it uses the poolmember as a router to the target IP & port. To prove that the transparent device (And we treat the netscalar as a router at this level) is up and managing to communicate with the target.
there's a whitepaper somewhere on tech.f5.com I think (Or should be. There always used to be, but it's a while since I looked for it).
H