Forum Discussion

Luca_55898's avatar
Luca_55898
Icon for Nimbostratus rankNimbostratus
Nov 25, 2011

Weird issue - simple config

Hey guys,

 

 

Been going crazy with this one.

 

I have a VIP configured - 192.168.51.125 listening on port 25.

 

It has a pool with a single host - 192.168.31.17, which has been added to the pool using port 25.

 

 

The VIP has SNAT enabled, and all other defaults.

 

 

Now from my test sever i can ping 192.168.51.125 and i can telnet to 192.168.51.125 on port 25. But it seems as though the F5 just drops the traffic.

 

 

Running TCPDUMP on the F5 shows my traffic hitting the VIP on port 25, but the host (192.168.31.17) never receives the traffic. TCPDUMP on the host shows nothing at all.

 

 

From the F5 i can telnet to 192.168.31.17 on port 25 and ping it and all that, but when traffic hits the VIP it doesn't go any further....

 

 

 

Any thoughts on this?? its weird.

 

config
design

6 Replies

Sort By
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Nov 25, 2011
    The VIP has SNAT enabled, and all other defaults.do you mean snat automap? do you have floating selfip on every vlans?
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Nov 25, 2011
    and does bigip have selfip in 192.168.31.0 subnet? if not, you did add tmm routing (not mgmt routing), didn't you?
  • Luca_55898's avatar
    Luca_55898
    Icon for Nimbostratus rankNimbostratus
    Nov 25, 2011
    Yep I mean automap

     

     

    On closer inspection the 192.168.31.0/24 subnet is also configured as the management interfaces subnet.

     

    There is also no self IP for the 192.168.31.0/24 clan which is vlan 31.

     

     

    This bigip needs a bit of work I think. If I change the mgmt subnet and create a self op for that vlan I'd say or would work.

     

     

    What do you think?
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Nov 25, 2011
    This bigip needs a bit of work I think. If I change the mgmt subnet and create a self op for that vlan I'd say or would work. yes, it would work. normally, pool has to be reached by tmm interface - not mgmt interface.

     

     

    cheer!
  • Luca_55898's avatar
    Luca_55898
    Icon for Nimbostratus rankNimbostratus
    Nov 29, 2011
    There is not any issue with changing the management interface right?

     

    VIPs and everything will continue to work as normal? The mgmt interface can't be used for SNATS or anything like that can it?
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Nov 29, 2011
    There is not any issue with changing the management interface right? are you using network failover? in v10, mgmt ip is also used in network failover setting.

     

     

    VIPs and everything will continue to work as normal? The mgmt interface can't be used for SNATS or anything like that can it?yes.