Can you have nodes in a deifferent network than the virtual server

Question

Hi All
as the title says, if I have my virtual server IP hosted on a DMZ interface, could i have another interface/vlan in a different subnet with the actual nodes on them? what is best practice ? &nbsp;

hamish · Answer

Absolutely. &nbsp;
The most common scenario is to have VS addresses one subnet and pool members 'behind' the big on another subnet.&nbsp;
You can configure it either way, though usually using the BigIP as the router between the two subnets (And inline between the client and the pool members) is the more common.&nbsp;
Bets practice? Debatable, but IMO inline is better. If you're doing single-armed then you'll either have to do SNAT, or policy routing in your network or on the hosts, and that can get messy.&nbsp;

Forum Discussion

Can you have nodes in a deifferent network than the virtual server

1 Reply

Recent Discussions

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Related Content

Integrating SSL Orchestrator with Fortinet FortiGate Virtual Edition as a Virtual Wire

F5 Network Map to Json with Python

Define VM Network for Virtual F5

Quick Optimizations for F5 BIG-IP Virtual Edition

What is the Lightning Network?