Forum Discussion

IvyPhamLe_15115's avatar
IvyPhamLe_15115
Icon for Nimbostratus rankNimbostratus
Apr 16, 2014

LBM for internal vlans,

Hello, Our team has inherited the F5 with Chassis serial number is bip216816s, and i'd like to test the simple LBM web server for our lab. This is our network: We have around 20 internal VLANS interconnected with each other. I uplink one trunk port from this F5 into one of our network switch which allowed 2 vlan 300 and vlan 301. I configured: server 1 with IIS installed : 10.10.10.10 vlan 300 server 2 with IIS installed : 10.10.10.11 vlan 300 I put these 2 servers into the pool, then put this pool to Virtual Server with IP 10.10.20.20 in vlan 301.(set port 80, http, Round Robin) I created a SNAT list with Translation Address is 10.10.20.20, Origin Address are: 10.10.10.10, 10.10.10.11. This is what i suppose it works but obviously it's not: When i type ip 10.10.20.20 in web-browser, i suppose it will load either the default web-page of either server 1 or server 2.

 

I can ping the ip 10.10.20.20 port 80 from any vlans. i can browser default webpage of server 1 and server 2 by typing its ip in web-browser directly.

 

Please kindly help as i am very new with F5.

 

Thanks, Ivy

 

application delivery
BIG-IP DNS
LTM
microsoft

38 Replies

Sort By
  • Cory_50405's avatar
    Cory_50405
    Icon for Noctilucent rankNoctilucent
    Apr 17, 2014

    Change your virtual server to SNAT auto map and see if this fixes your issue.

     

    • Cory_50405's avatar
      Cory_50405
      Icon for Noctilucent rankNoctilucent
      Apr 17, 2014
      Try doing a tcpdump on your BIG-IP to see what communications are going between it and the servers: tcpdump -nni 0.0 host 10.10.10.10 or host 10.10.10.11
    • IvyPhamLe_15115's avatar
      IvyPhamLe_15115
      Icon for Nimbostratus rankNimbostratus
      Apr 17, 2014
      Under System>Console, i ran the command, i got the message below BIGpipe parsing error: 012e0008:3: The requested command (tcpdump -nni 0.0 host 10.10.10.11) is invalid
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Apr 18, 2014

    I created a SNAT list with Translation Address is 10.10.20.20, Origin Address are: 10.10.10.10, 10.10.10.11. This is what i suppose it works but obviously it's not

     

    can you try to remove (delete) snat list and set snat automap under the virtual server configuration?

     

  • nitass_89166's avatar
    nitass_89166
    Icon for Noctilucent rankNoctilucent
    Apr 18, 2014

    I created a SNAT list with Translation Address is 10.10.20.20, Origin Address are: 10.10.10.10, 10.10.10.11. This is what i suppose it works but obviously it's not

     

    can you try to remove (delete) snat list and set snat automap under the virtual server configuration?

     

  • nitass_89166's avatar
    nitass_89166
    Icon for Noctilucent rankNoctilucent
    Apr 19, 2014

    can you post the virtual server and pool configuration?

     b virtual (name) list
 b pool (name) list
    • IvyPhamLe_15115's avatar
      IvyPhamLe_15115
      Icon for Nimbostratus rankNimbostratus
      Apr 22, 2014
      Sorry for late reply, please see below: b virtual LS-VS list virtual LS-VS { snat automap pool LS-POOL destination 10.10.20.20:http ip protocol tcp vlans VLAN300 enable profiles fasthttp b pool LS-POOL list pool LS-POOL { lb method member ratio members 10.10.10.10:http 10.10.10.11:http }
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Apr 19, 2014

    can you post the virtual server and pool configuration?

     b virtual (name) list
 b pool (name) list
    • IvyPhamLe_15115's avatar
      IvyPhamLe_15115
      Icon for Nimbostratus rankNimbostratus
      Apr 22, 2014
      Sorry for late reply, please see below: b virtual LS-VS list virtual LS-VS { snat automap pool LS-POOL destination 10.10.20.20:http ip protocol tcp vlans VLAN300 enable profiles fasthttp b pool LS-POOL list pool LS-POOL { lb method member ratio members 10.10.10.10:http 10.10.10.11:http }
    • IvyPhamLe_15115's avatar
      IvyPhamLe_15115
      Icon for Nimbostratus rankNimbostratus
      Apr 23, 2014
      Please see below. As i have removed the snat as your suggestion, so no snat now. Thanks b self list self 10.10.10.13 { netmask 255.255.255.0 vlan VLAN300 allow all } self 10.10.30.14 { netmask 255.255.255.0 vlan VLAN302 allow all } b snat list No SNATs were found.
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Apr 23, 2014

    can you post 2 more configurations?

     b self list
 b snat list
    • IvyPhamLe_15115's avatar
      IvyPhamLe_15115
      Icon for Nimbostratus rankNimbostratus
      Apr 23, 2014
      Please see below. As i have removed the snat as your suggestion, so no snat now. Thanks b self list self 10.10.10.13 { netmask 255.255.255.0 vlan VLAN300 allow all } self 10.10.30.14 { netmask 255.255.255.0 vlan VLAN302 allow all } b snat list No SNATs were found.
  • nitass_89166's avatar
    nitass_89166
    Icon for Noctilucent rankNoctilucent
    Apr 24, 2014

    is the virtual server enabled on correct vlan (vlan 300)? shouldn't it be vlan 301?

    b virtual LS-VS list
virtual LS-VS {
   snat automap
   pool LS-POOL
   destination 10.10.20.20:http
   ip protocol tcp
   vlans VLAN300 enable
   profiles fasthttp
}

    vlan 301 is shows in tcpdump.

    >13:49:56.493263 802.1Q vlan301 P0 10.111.148.60.58668 > 10.10.20.20.80: S 793623215:793623215(0) win 8192  (DF)
    • IvyPhamLe_15115's avatar
      IvyPhamLe_15115
      Icon for Nimbostratus rankNimbostratus
      Apr 24, 2014
      Sorry as i changed the vlan and ip different with the real one, so my mistake. It's should be vlan301 Now i just enabled the vlan of Virtual Server and IT WORKS :) !!! I put the SNAT back, It works too !!! THANKS SO MUCH FOR YOUR SUPPORT !!! b virtual LS-VS list virtual LS-VS { snat automap pool LS-POOL destination 10.10.20.20:http ip protocol tcp vlans VLAN300 VLAN301 enable profiles fasthttp }
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Apr 24, 2014

    is the virtual server enabled on correct vlan (vlan 300)? shouldn't it be vlan 301?

    b virtual LS-VS list
virtual LS-VS {
   snat automap
   pool LS-POOL
   destination 10.10.20.20:http
   ip protocol tcp
   vlans VLAN300 enable
   profiles fasthttp
}

    vlan 301 is shows in tcpdump.

    >13:49:56.493263 802.1Q vlan301 P0 10.111.148.60.58668 > 10.10.20.20.80: S 793623215:793623215(0) win 8192  (DF)
    • IvyPhamLe_15115's avatar
      IvyPhamLe_15115
      Icon for Nimbostratus rankNimbostratus
      Apr 24, 2014
      Sorry as i changed the vlan and ip different with the real one, so my mistake. It's should be vlan301 Now i just enabled the vlan of Virtual Server and IT WORKS :) !!! I put the SNAT back, It works too !!! THANKS SO MUCH FOR YOUR SUPPORT !!! b virtual LS-VS list virtual LS-VS { snat automap pool LS-POOL destination 10.10.20.20:http ip protocol tcp vlans VLAN300 VLAN301 enable profiles fasthttp }