self IP address

Question

Hello,&nbsp;
I am under so much of confusion right now. Hope someone can help me.&nbsp;
 &nbsp;
I got the following extract from http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos_management_guide_10_1/tmos_intro.html1023688.&nbsp;
 &nbsp;
"Each VLAN you create has its own self IP address. The BIG-IP system uses this address as the source IP address when sending requests to hosts in a VLAN, and hosts in a VLAN use this IP address as the destination IP address when sending responses to the BIG-IP system."&nbsp;
 &nbsp;
But from all the f5 training I did from the online F5 university and in person, I learnt that the F5 uses the original client address as the source IP address when sending requests to hosts in the internal vlan, unless SNATing or NATing has been configured.  The self IP address is just the default gateway for hosts on that vlan. Am I right?&nbsp;
 &nbsp;

kevin_stewart · Answer

Admittedly it is confusing. A self IP provides at least THREE functions (though many more): 
&nbsp;  
&nbsp; 1. It is the source address when Automap SNATting. 
&nbsp;  
&nbsp; 2. It can be the default gateway for systems on an internal VLAN. 
&nbsp;  
&nbsp; 3. It provides a "route hint" mechanism to the BIG-IP system, when more explicit routing isn't defined, so that it knows which VLAN to send traffic to. &nbsp;

newbie_48881 · Answer

HI Kevin, 
&nbsp;  
&nbsp; I know about the first two point you mentioned but I haven't dealt with : 
&nbsp;  
&nbsp;  3. It provides a "route hint" mechanism to the BIG-IP system, when more explicit routing isn't defined, so that it knows which VLAN to send traffic to.  
&nbsp;  
&nbsp; Would you be able to point me to an article or something that talks about it? &nbsp;

nitass · Answer

Would you be able to point me to an article or something that talks about it? i understand it means "connected subnet". 
  
 e.g. 
 root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list net self 172.28.20.11/24
net self 172.28.20.11/24 {
    address 172.28.20.11/24
    allow-service {
        default
    }
    traffic-group traffic-group-local-only
    vlan external
}
root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list net self 200.200.200.11/24
net self 200.200.200.11/24 {
    address 200.200.200.11/24
    allow-service {
        default
    }
    traffic-group traffic-group-local-only
    vlan internal
}
root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) show net route 172.28.20.0/24

----------------------------------------------------------------------
Net::Routes
Name            Destination     Type       NextHop           Origin
----------------------------------------------------------------------
172.28.20.0/24  172.28.20.0/24  interface  /Common/external  connected

root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) show net route 200.200.200.0/24

--------------------------------------------------------------------------
Net::Routes
Name              Destination       Type       NextHop           Origin
--------------------------------------------------------------------------
200.200.200.0/24  200.200.200.0/24  interface  /Common/internal  connected

Forum Discussion

self IP address

3 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

SNAT IP address logging

RADIUS update NAS-IP-Address

APM custom address space by client IP?

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

Decoding the IPv4 address from the persistence cookie