Forum Discussion

walkerjt_97411's avatar
walkerjt_97411
Icon for Nimbostratus rankNimbostratus
Sep 29, 2008

LTM multiple interface/vlan routing issue

I have a dilema that i believe has a remedy utilizing the many tools BigIP has but am unable to discover or maybe comprehend it! need help!

 

 

here is the scenario:

 

I have an environment with four core switches servicing many different vlans and environments. we have connected our LTM to all switches and seperated communications by vlan and interface. this all seems to work perfectly for external users that are attempting to access services behind the BigIP's, but i have an issue with servers from one of the connected vlans for BigIP accessing the VIP address for services behind BigIP. this is i assume an asyncronous routing issue that shoul dbe resolvable.

 

 

The breakdown:

 

 

Successful scenario:

 

 

1.From the User’s vlan

 

2.To the BigIP VIP address vlan

 

3.To the Application Server

 

4.Back to BigIP

 

5.Back to the User

 

 

 

 

Unsuccessful setup

 

 

1.From the Server Vlan

 

2.To the BigIP VIP address vlan

 

3.To the Application Server

 

4.Back to BigIP

 

5.failes back to the Server

 

 

PLease help i can explain it more indepth if need be.
config
design

11 Replies

Sort By
Show More
  • walkerjt_97411's avatar
    walkerjt_97411
    Icon for Nimbostratus rankNimbostratus
    Oct 01, 2008
    thanks guys here is the flow of traffic confirmed via snoops and sniffer:

     

     

    FLOW

     

    ----------

     

    from server C ---> into interface 1.2(myVip) ---> out to server B --->returning to interface 1.1 --->out of interface 1.3

     

     

    I do have a forwarding vip configured on BigIP going out of interface 1.2! SNAT will not work because it only masks the source for the member server and once it conversts the source back to the original destination BigIP follows normal routing rules and forwards out of the interface designated for the originating server. in my case that server is locally known on a different interface than from which the BigIP recieved the traffic on.

     

     

    sorry this config is so convoluted we have 4 core switches in this datacenter and redundant paths makes for crazy configurations some times!