CSS to F5 migration

Question

HI
I'm in the process of planning for a CSS to VLAN Migration and i'm running in to someroad blocks and was wondering if the experts here can shed some light. &nbsp;
A) In certain scenarios, the VIP address is the same subnet as pool members in the existing Cisco CSS Load balancer setup. Is this suported in LTM? 
B) More importantly, some of the Public IP subnets are being used for VLAN's and they are configured for both virtual address as well as physical server address. Now, the issue is for 3 Public SUbnets there are no free IP's available and i believe for LTM we need 3 IP's - 2 self ip and one floating.  ( since i have 2 LTM's as HA Pair ) . &nbsp;
Since these are public IP's and there are servers as well configured on it, NAT on a firewall is probably not an opiton for me as i don't want to renumber the servers ( The servers have the load balancer as default gateway). &nbsp;
Is there any way around this ... Appreciate your responses. &nbsp;

kai_wilke · Answer

Hi F5fanboy,&nbsp;
a.) Yes its supported. But you may have to use certain SNAT configuration on the F5, to make the request and response pass your LTM.&nbsp;
b.) In a clustered scenario LTM needs at least 3 IPs (2 self and one float) for every route domain. But you don't need Interfaces/IPs in any of your VLANs, if a different network path could be used to reach the LTM. To have LTM receiving the traffic for non-local connected networks, just may want to use directhost/32 routes on your network equipment pointing to an LTM interface of another VLAN.&nbsp;
Cheers, Kai&nbsp;

f5fanboy_182636 · Answer

HI Kai Wilke
Thanks for the response. on the query B about the Public Subnets running out of Public IP issue, do you think i could NAT for the Public IP's to a Private IP in the firewall and then setup LTM Virtual SErver with those private IP.  The issue with the setup is that the F5 will be connected to a L2 switch which also has all the servers connected to it.So, in cases of Public IP directly assigned to servers i will need to create a VLAN in F5 in order for those servers to use it as default gateway and without 3 available Public IP's i'm stuck in this step.. Any way out ?  &nbsp;

Forum Discussion

CSS to F5 migration

2 Replies

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

Getting Started with BIG-IP Next: Migrating an Application Workload

F5 BIG-IP per application Red Hat OpenShift cluster migrations

Edge to Pulse: IP Geolocation Database Migration

uCS platform-migrate

Re: Welcome to the F5 BIG-IP Migration Assistant