Forum Discussion
Hamish
Apr 25, 2012Cirrocumulus
I can't see the diagram. However I'm not convinced proxy-arp is your solution.
I usually place the BigIP as the actual router for the pool member VLANs where SNAT is not wanted. No other connection into that VLAN from your core routers (i.e. remove the SVI and add a static route to the pool member VLAN via the BigIP 'external' interface. The BigIP 'internal' interface then is the router address for the load-balanced vlan.
Proxy arp would tend to indicate to me that you're trying to do this in a flat network. So I suspect that perhaps your clients and servers are on the same subnet? In which case the gateway won't be used to talk back to the clients. And traffic just goes back direct. (Without SNAT clients can't be on the same subnet as the servers, UNLESS you can do something at the poolmember/server to force traffic via the BigIP. e.g. policy routing with iptables on Linux).
H