Policy Based Routing (PBR) - Using IP prefix on management and productive interface

I'd hope you could avoid PBR. Static routing on the F5 should work; the management interface should only be used for locally sourced traffic or responding to traffic that came in that way, you should never have a situation where it comes in over a TMM interface and goes out via the management interface. The opposite can occur however.

The management interface default route is only used if the management (HMS) and TMM routing tables contain no match. If you have a default route configured in LTM it'll never be used. Ensure you have specific network routes in both tables and it should work fine.

Problem is, that the service interface and management interface have to be able to reach the same IPs/networks. Basically it can happen, that a request on the service interface, would be replied via the management interface.

you mean you are having virtual server for dns service and want to make sure dns response is sent via tmm interface, don't you?

if yes, i understand it would be fine because of auto last hop setting.

sol13876: Overview of the Auto Last Hop setting (11.x)

Hi,

Thx for the answers. I solved it by introducing a route domain, as described here:

https://devcentral.f5.com/articles/v10-a-look-at-route-domains.UidM5T82C0Q

In short terms you create the route domain and get the domain id. This ID is appended with "%" to all the IP addresses starting from self ip over to the pool members and node definitions like this 192.168.15.1%2 for example for route domain id 2.

at What Lies Beneath: I am not shure, if I exactly tried this, but without success. So let say it's untested and it might be a solution.

at nitass: Auto Last Hop setting works on SRC MAC addresses, but in my case this will always the gateway MAC and should not really work in my case. But thank you anyhow, I did not knew the feature and it might be intersting in an other case.

Thx, SJ