Forum Discussion

waterfall_10467's avatar
waterfall_10467
Icon for Altostratus rankAltostratus
Nov 23, 2013

Route_Domain

Hello ,

 

i need to make route domain in routing mode in the same subnet . is it possible? Because f5 must be between internet bgp routers and firewall. Because all vpns, nats are terminated on firewall.That's why, i need to run as routing mode to forward to the servers which are behind firewall to be followed client's originating source ip and port by developers.That's why, we have made two vlan on layer2 switch as outside and inside .Can we set route domain implementation %1 route domain id for outside %2 for in side for routing mode with same ip or is not same with two different id ?

 

the subject is very urgent dor us so could someone support me.

 

Thank you.

 

deployment
design
management

5 Replies

Sort By
  • IheartF5_45022's avatar
    IheartF5_45022
    Icon for Nacreous rankNacreous
    Nov 25, 2013

    The answer is that Yes definitely you can route the same destination subnet differently in different route domains, but I don't quite understand the overall topology you are describing. Can you give more information - a diagram?

     

    • waterfall_10467's avatar
      waterfall_10467
      Icon for Altostratus rankAltostratus
      Nov 30, 2013
      thankyou for your response, client--->dest adress :95.108.98.107 that is vip adress and self ip 95.108.98.108 all of these default route domain 0 and now f5 must forward to pool members this traffic and so i created RD with 1 id and i gave self ip 95.108.98.109%1. i wonder whether this config can work in this way.
  • IheartF5_45022's avatar
    IheartF5_45022
    Icon for Nacreous rankNacreous
    Dec 02, 2013

    Hi I don't see why it wouldn't work if you had a l2 switch connecting the interface in rd:0 and :1, but it's hard to envisage why you want to place 2 route domains back to back like that, in the same VLAN. I can understand if you had F5(rd:0) ==> firewall/servers ==> F5(rd:1), as you may want to use your F5 in 2 separate security domains, but not back to back.......

     

    Also if you do it like that, make sure you have the physical interface in rd:0 different from the physical interface in rd:1 as you could get mac address clash.

     

  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Dec 02, 2013

    you want to put bigip in between router and firewall without changing subnet, don't you?

     

    yes, it can be done. you are correct.

     

  • waterfall_10467's avatar
    waterfall_10467
    Icon for Altostratus rankAltostratus
    Dec 12, 2013

    hello Nitass,

     

    yes i want to put bigip in between router and firewall without changing subnet . ok then thank you i have already performed and it has been working correctly for the first time.