Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters
Answers

Data Group IP Lists and Route Domains

I wanted to ask this question since I hadn't seen a definitive answer for v11.x.

In a Data Group List of IP's, when route domains are in use, is it required to denote the route domain suffix (%x) for each IP/network? Should I leave it off?

Looks like in v10.x this did not work. See: https://devcentral.f5.com/questions/ip-address-based-classes-support-routing-domains-in-v101.

Thanks.

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Well, after posting my question, I realized I could test this. I set up a lab config, and here's what I found out:

v11 will take both with and without the route domain suffix. I suspect that WITH the Route domain the entry is more specific. Some environments utilize route domains to allow for duplicate address spaces and prevent IP conflicts. In that kind of situation, I can see where supplying the rd suffix would be helpful.

FWIW, I'm running Big-IP v11.4.1 HF2

0
Comments on this Answer
Comment made 21-Apr-2014 by What Lies Beneath 6719
Thanks Stuart, an interesting question so great to have an answer!
0
Comment made 06-Feb-2018 by Stephan Manthey 3803

Hi Stuart,
in TMOS v11.5.5 (base; no hotfix) the route domain suffix may be added to the datagroup entry (address%rd-suffix).
With a class match using "equals" comparison the route domain information seems to be ignored.
It seems to match the IP address and mask information only.
This may cause problems with overlapping IP ranges.
Thanks, Stephan

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

This behaviour is documented here: https://support.f5.com/csp/article/K12301

K12301: The 'class' iRules command does not honor route domain specifications within an IP class

0