Forum Discussion

Approxee's avatar
Approxee
Icon for Nimbostratus rankNimbostratus
Jul 02, 2013

LTM on VMware

I just cant get it to work. I was determined not to give up, but after nearly a week, I have. I have never used VMware before, so I am 100% sure it is me doing something wrong.

 

The laptop I have have one ethernet and and one wireless port. None are in use.

 

I want to be able to get to the F5 management port 192.168.0.20 (this works) and create another /24 for the SelfIP and VIPs( this does not work), but nothing physical as I am testing from the machine the VM is on.

 

I can get the F5 management port to work, buy bridging the 1st VM Network Adaprtor and giving the F5 Management address in the same subnet as my Lappy address.

 

I am trying to create another L3 connection to the F5, using a different subnet, 192.168.40.40 for VIPs

 

To do this I have got a 2nd interface on my VM that is connected to the F5 1.1 interface. I know this, as if I shut one end the other goes down. So I have a virtual L1 connection between the F5 LTM and the VM machine.

 

This is where I get stuck, I can use Bridged, NAT, Host-Only, Custom. I have seleted Custom with the Name of VMnet8(NAT)

 

My windows routing table looks like:

 

192.168.40.0 255.255.255.0 On-link 192.168.40.1 276

 

192.168.40.1 255.255.255.255 On-link 192.168.40.1 276

 

 

 

My Laptop VM host machine interface looks like this :

 

 

Ethernet adapter VMware Network Adapter VMnet8:

 

 

Connection-specific DNS Suffix . :

 

Link-local IPv6 Address . . . . . : fe80::c4be:d4b2:8e11:5d98%22

 

IPv4 Address. . . . . . . . . . . : 192.168.40.1

 

Subnet Mask . . . . . . . . . . . : 255.255.255.0

 

Default Gateway . . . . . . . . . :

 

 

 

 

My SelfIP 192.168.40.2 In a VLAN called Vtest which is tagged in VLAN 8, (as I though the VMnet8) might mean it was tagged with VLAN 8

 

 

Nothing Pings, from the F5 i cant get to my Laptop and from the Laptop I cant ping the SelfIPs

 

 

Can anybody help me with what is wrong, it is not L1 as this is OK, I am sure it is to do with the VM network Connection Type, but I have tryed them all, and none of them can make my L3 connection work.

 

 

Kind Regards

 

 

Graham Mattingley

 

 

3 Replies

  • The first question would be which version of LTM are you trying to install? The network stacks/drivers have changed between versions.

     

     

    There are a few different ways to do this, based on preference, but I'll tell you how I do it.

     

     

    1. Your VM needs at least TWO network adapters. The first in the list will always be your management port. I like to create several adapters and set them as host-only, and then one other assigned to the NAT. Doing host-only allows you to isolate the networks in your lab. I may also choose to NOT "Connect a host virtual adapter to the network" for some networks, which would otherwise create an adapter on my local machine, so that I can only access those networks through the LTM (or other routing device). I'll use the NATted adapter as my route to the world through VMware's NATted interface to my host machine's Internet connection.

     

     

    2. Install VMware via ISO or the VE .ova. The .ova will have most of the above already done for you and is infinitely easier to set up. You want to make sure that after the install the second and subsequent interfaces have assigned MAC addresses. If no MAC assigned, then nothing else matters. Again, the .ova will do most of this for you.

     

     

    3. Once you have connectivity to the management GUI via the management network, and assigned MACs on the other interfaces, start setting up your VLANs and self-IPs. One oddity of Workstation that I've come across from time to time is that the interfaces aren't in any order. Generally you can look at the list of interfaces in the VM's config and go by that order, but sometimes not. The first one will always be the management port (or you wouldn't be able to get into the GUI), but the others could be in different orders. So what I do, if the specified order doesn't seem to be working, is to create my VLANs without any interfaces assigned, create the Self-IPs and attach to the VLANs, then start a ping from my local machine to the Self-IP as I add and remove interfaces from the VLANs (one at a time). Between tests you'll probably need to clear your local ARP cache (arp -d *). In the end you should be able to ping each of the Self-IPs.

     

     

    4. As for the NATted interface, you'll want to give it a static Self-IP in the subnet that VMware Workstation uses for its NAT. In my lab that's 192.168.247.0/24. You can then create a route out to the world by building a default gateway (0.0.0.0/0) that points to the .1 IP (ex. 192.168.247.1) of the NATted subnet, and DNS is usually the .2 address. Test by issuing either an nslookup or curl statement from the command line to something on the Internet.

     

     

    Give that a shot and let us know how it goes.

     

  • Hi Kevin,

     

     

    I am on the trial version of BIGIP-10.1.0.3341.1084

     

     

    Thank you very much for your reply. I have tryed everything. For some reason it is probably just not going to work on this PC. I have uninstalled VMware Workstation (9.0.2 build-1031769), reloaded the VM, reset the F5 back to default configs, nothing will work.

     

     

    The message from PING is "destination host unreachable", I think on this version of F5 maybe the selfIPs don't respond to PING, so I have been pinging some VMs I created. From each side I can ping the IPs, so from the F5 VM, I can ping all of the addresses on the F5 and from the laptop, i can ping all of the IPs the VM has created.

     

     

    I have turned of Windows FW, this did not seem to be having an affect anyway, but I have left it off for now

     

     

    I know what VM interface is what F5 interfaces as I can shut it down on the VM and see it go down on the F5, so I know the L1 is OK

     

     

    I have pinged from the laptop specifying both the source and destination, just encase something weird source IP address is being selected. I can see the ping packets from my laptop appearing in the interface statistics counters of the F5, but the laptop just says "destination host unreachable"

     

     

    Thanks for you help, with this, I have run out of idea's

     

     

    Graham

     

  • I'd retry the process using a current BIG-IP VE version. The trial version is 10.1 which is ancient. And it had some imposed limitations.

     

     

    You can contact your F5 or partner SE via www.f5.com/howtobuy and ask them for an evaluation key for VE.

     

     

    Aaron