Multiple 'Default' Gateways?

Question

&nbsp;  Greetings DevCentral!  
&nbsp;    
&nbsp;  I have a new Firewall cluster that I would like to phase into production.  My LTM hangs off one of old cluster interface pairs (clustered like HSRP clusters but not HSRP) and everyone is happy.  I have a new set with it's own cluster pair of IPs in the same vlan, it's just that the production LTM's don't use it.  
&nbsp;    
&nbsp;  I'd like to be able to selectively swing services through the new cluster but I'm not sure how I would implement it.  There is a wildcard forwarding VS that takes care of all the services currently configured.  
&nbsp;    
&nbsp;  My thought was to create new default forwarding virtual servers and tune the mask to pair up with each host that would use it, but that obviously would be tedious at best.  
&nbsp;    
&nbsp;  Maybe an iRule?  I'm not sure how that would be done. I can certainly nat from the new cluster, but I like our web folks to see the source IP. 
&nbsp;    
&nbsp;  Version 9.4.6.  
&nbsp;    
&nbsp;  Thanks for your insights,  
&nbsp;  Mike

hooleylist · Answer

Hi Mike, 
&nbsp;  
&nbsp; How many services (ip:port combos) are you eventually going to move to the LTM's?  If you'd like the option to configure specific load balancing/persistence/protocol handling per service, it would be ideal to configure individual VIPs for each service.  If you have a lot of services that you'd like to handle in a single VIP, then a network VIP would be more ideal. 
&nbsp;  
&nbsp; Can you provide more detail on what you're trying to migrate?  Could you also provide a simplified network diagram with sample IP addresses? 
&nbsp;  
&nbsp; Thanks, 
&nbsp; Aaron

mike_sullivan_2 · Answer

Hi Aaron,  
&nbsp;    
&nbsp;  Thanks for your reply.  I included a diagram, it should clarify just what I'm doing.  In the interest of brevity, I left out the Link Controllers (where I'll created new pools) and how I planned to control the flow.  This should clear it up.  
&nbsp;    
&nbsp;  Thanks for looking.  
&nbsp;    
&nbsp;  Mike 
&nbsp;  
&nbsp; PS There is a misspelled word 'engress' should be ingress.

mike_sullivan_2 · Answer

&nbsp;  
&nbsp; Well, good old auto lasthop totally takes care of this in my situation.  It's a non-issue. 
&nbsp;  
&nbsp; Thanks for looking. 
&nbsp;  
&nbsp; Cheers, 
&nbsp; Mike

Forum Discussion

Multiple 'Default' Gateways?

3 Replies

Recent Discussions

Maximum throughput of f5 ltm

iRule cookie persistence and pool redirect

redirect not working

Access azure app service using f5 LTM

Reliable resources for identifying IP addresses

Related Content

API Gateway Mapping - Gartner - F5

LTM: Per-VLAN Default Gateways

Integrating SSL Orchestrator with McAfee Web Gateway-Transparent Proxy

Whats new in NGINX Gateway Fabric 1.2?

Get Started With Kubernetes SIG Gateway API