Scalability with multiple networks for Virtual Servers

Question

Ok, I've got a small issue and its really affecting my ability to scale. 
&nbsp;  
&nbsp; I've got 2 class C address spaces.    1 Class C we'll say 1.1.1.0 is setup as the typical "external" network and resides between the load balancer and an internet facing firewall.  I can assign IPs to virtual servers from this network range no problem. 
&nbsp;  
&nbsp; Along comes my second Class C, lets call it 2.2.2.0 . I would like to create Virtual servers on this network by routing this traffic from my firewall to the self IP on 1.1.1.0  and just define the Virtual Server for 2.2.2.10(as an example). 
&nbsp;  
&nbsp; I set this up as described above, I can ping 2.2.2.10 from the the load balancer, but not from the directly attached firewall(verified route here.   
&nbsp;  
&nbsp; Even if I create a new VLAN and create a self IP of 2.2.2.1 I still can't hit the 2.2.2.0 network from the firewall (routing verified again). 
&nbsp;  
&nbsp; Is what I am doing possible, I know it is with just about any device cable of Nating.  What am I missing to get this working?

dennypayne · Answer

This should work fine, are you setting up the 2.2.2.x virtual servers as Enabled on all VLANS?  ARP should be enabled by default but that's worth double-checking.  You might also make sure that the self IP on the 1.1.1.0 network is set to allow all traffic. 
&nbsp;  
&nbsp; Denny

jnantel · Answer

I think that may be the ticket right there.  I'd like to avoid having to define another interface/vlan for 2.2.2.0.  So my next question is how to I allow all traffic?Are we talking packet filter rule ? or that wildcard virtual server I hear mentioned a lot?

dennypayne · Answer

No just look at the self-ip definition, there's a dropdown box that shows what traffic is allowed (it defaults to "Allow Default").  Packet filters are disabled by default but if you have enabled them you would need to also make sure that there isn't one blocking the traffic. 
&nbsp;  
&nbsp; I'm pretty sure I've done this without a wildcard virtual before, but if you have to set one up just create a virtual server, Network type instead of Host, and use 0.0.0.0, mask 0.0.0.0, port 0.  Change the type from Standard to Forwarding(IP) and All Protocols.  Or you could use 2.2.2.0 specifically as the network in this case. 
&nbsp;  
&nbsp; Denny

jnantel · Answer

Setting the external interface to "Allow All" gave me exactly what I needed. Thanks a bunch Denny 
&nbsp;  
&nbsp; Jonathan

Forum Discussion

Scalability with multiple networks for Virtual Servers

4 Replies

Recent Discussions

iRule resulting in too many redirects

When F5OS r2800 appliance reboots, interfaces configured at tenant level for VLAN are lost

cat and grep command for rst messages

iControl for Gtm wideip

Telemetry streaming to Elasticsearch

Related Content

Scalable AI Deployment: Harnessing OpenVINO and NGINX Plus for Efficient Inference

Maximizing Scalability with F5 CIS: Blue-Green Deployment on OpenShift

What is Multi-Cloud Networking?

Demo Guide & Video Series for F5 Distributed Cloud Network Connect (Multi-Cloud Networking)

Enhance Performance and Increase Scalability with F5 BIG-IP on HPE GreenLake