Forum Discussion

tolinrome_13817's avatar
tolinrome_13817
Icon for Nimbostratus rankNimbostratus
Jun 13, 2014

F5 VIP with Direct Access

I have two direct access servers configured or external load balancing with the F5. When I only had one Direct access server the F5 could see the physical IP of the Windows NIC on the direct access server and all was well. But as soon as I enabled the NLB cluster on direct access and added the other server it asked me for a DIP (dedicated IP) so it could use the current dedicate one as the VIP, no problem. But that VIP in the F5 pool is not working now. If I disable the VIP (member) traffic still flows from outside through the F5 Direct access pool in the F5 to the direct access servers. Im sure this is because I have the physical IPs in the pool as well as members. How can I get the VIP that is being used as the NLB cluster IP to be recognized in the F5? Thanks.

 

application delivery
deployment
LTM
management

4 Replies

Sort By
  • Kevin_Davies_40's avatar
    Kevin_Davies_40
    Icon for Nacreous rankNacreous
    Jun 13, 2014

    You need to check if the healthcheck you assigned to the pool is still working? Use telnet/curl from the command line to the vip to make sure it is still responding as you expect.

     

  • tolinrome_13817's avatar
    tolinrome_13817
    Icon for Nimbostratus rankNimbostratus
    Jun 14, 2014

    I'm thinking thought that since the F5 is doing the load balancing why would I need that VIP that Direct Access created? If the F5 is going the NLB then all I need in the pool are the physical ip's of each server, no? Its almost as if that VIP Direct Access created is nowhere.

     

  • Kevin_Davies_40's avatar
    Kevin_Davies_40
    Icon for Nacreous rankNacreous
    Jun 15, 2014

    I have read up some more on this. I can't really find any configuration information that I can suggest for you on this type of deployment. Information appears to be scarce and it seems this product has been replaced with another.

     

    You can try the physical IP's because in reality the F5 becomes the VIP for the service.

     

  • tolinrome_13817's avatar
    tolinrome_13817
    Icon for Nimbostratus rankNimbostratus
    Jun 15, 2014

    yeah I agree very little if at all any, its strange cause the VIP that MS Direct Access created I even put in the pool with the other ips' (physical ip's on the DA server) and the F5 also doesnt see it.Only reason why I'm concerned is because as soon as I created the cluster the client says it cannot "see" the DA environment, while in reality it does. So I thought it was looking for that MS VIP perhaps?