Forum Discussion

SSHSSH_97332
Apr 13, 2012

Can Access F5 without Default Route

I found that I can access my F5 LTM from external networks (on the Self IPs of the interfaces), even though I forgot to put a default route on it?

9 Replies

  • Can you disable auto last hop and try again?

    sol11796: Overview of the Auto Last Hop setting

    http://support.f5.com/kb/en-us/solutions/public/11000/700/sol11796.html
  • Is that a problem SSHSSH or are you just wondering how it's working? As Nitass suggested, with Auto Lasthop enabled, TMM will respond out the same switch port as it received the connection, ignoring any routes.

    Aaron
  • Hamish
    Just to add to what Aaron said... The auto last-hop explicitly uses the MAC address of the sender as the destination when replying. The last-hop MAC address is taken from the inbound packet when the entry is placed in the connection table.

    H
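
The behaviour described in the replies above, as an added example that is not part of the original thread and is not F5 code: a simplified model of how the reply next hop is chosen for virtual server traffic with auto last hop enabled versus disabled. The class, function names, addresses and MAC are constructed for illustration (documentation ranges), and the routing fallback is an assumed plain longest-prefix match.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class LoadBalancer:
    """Toy model of reply next-hop selection; not F5 code."""
    auto_last_hop: bool
    connected: list                                   # directly attached subnets
    routes: dict = field(default_factory=dict)        # prefix -> gateway IP
    conn_table: dict = field(default_factory=dict)    # client IP -> last-hop MAC

    def receive(self, client_ip: str, src_mac: str) -> None:
        # The sender's MAC is recorded when the connection-table entry is created.
        self.conn_table.setdefault(client_ip, src_mac)

    def reply_next_hop(self, client_ip: str):
        # Auto last hop: answer to the recorded MAC and skip the routing table.
        if self.auto_last_hop and client_ip in self.conn_table:
            return ("last-hop-mac", self.conn_table[client_ip])
        addr = ipaddress.ip_address(client_ip)
        candidates = [(ipaddress.ip_network(n), "direct") for n in self.connected]
        candidates += [(ipaddress.ip_network(n), gw) for n, gw in self.routes.items()]
        matches = [(net, hop) for net, hop in candidates if addr in net]
        if not matches:
            return ("no-route", None)                 # reply cannot be sent
        _, hop = max(matches, key=lambda m: m[0].prefixlen)
        return ("route", hop)


# Constructed sample: client on a remote subnet, reached through a router.
CLIENT, ROUTER_MAC = "198.51.100.10", "00:00:5e:00:53:01"


def scenario(auto_last_hop: bool, routes: dict):
    lb = LoadBalancer(auto_last_hop, connected=["192.0.2.0/24"], routes=routes)
    lb.receive(CLIENT, ROUTER_MAC)
    return lb.reply_next_hop(CLIENT)


if __name__ == "__main__":
    print(scenario(True, {}))                                 # enabled, no routes
    print(scenario(False, {}))                                # disabled, no routes
    print(scenario(False, {"198.51.100.0/24": "192.0.2.1"}))  # disabled, static route
```

With auto last hop enabled, the absence of a default route does not stop replies to remote clients, so reachability from external networks has to be controlled by other means than the routing table.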
  • Thanks all, but the behaviour I found is:

    I can manage the device from external subnets (with no routes).

    I cannot reach pool members (using the Virtual IP of the VS) from external subnets. When I put a route to these subnets, it worked.

    So, if it is related to Auto Last Hop, the second scenario should have worked without the route?

  • "I cannot reach pool members (using the Virtual IP of the VS) from external subnets"

    Have you captured packets? Did you see the packets reaching the virtual server?
  • Hamish
    Posted By SSHSSH on 04/14/2012 07:40 AM

    Thanks all, but the behaviour I found is:

    I can manage the device from external subnets (with no routes).

    I cannot reach pool members (using the Virtual IP of the VS) from external subnets. When I put a route to these subnets, it worked.

    So, if it is related to Auto Last Hop, the second scenario should have worked without the route?


    For the pool member connectivity do you mean direct to the pool members? That's because the BigIP is not a router. It requires a network VS to forward non-loadbalanced traffic to pool members that live behind the LTM.

    H

  • Without default route + Auto Last Hop enabled:

    Can access pool member through VS IP & can access F5 >>>>>> no problem, normal

    Without default route + Auto Last Hop disabled:

    Cannot access pool member through VS IP (normal), but can still access the F5 device???