Forum Discussion

SynACk_128568
Mar 14, 2015

How LTM processes traffic for a VIP

Hi All,

 

This seems to be a basic question, but I wanted to understand how the traffic is received by F5 for a particular VIP.

 

When some application or browser makes a request for VIP 1.2.3.4 and port 80.

 

Then from his server it will get routed through various network elements. Finally, when it reaches the switch connected to the load balancer, what will be the config for this setup on the switch?

 

I suppose it will have a route for the self IP, so that if any traffic comes for the virtual server VLAN, it sends the traffic to the self IP.

 

Or is it some other way?

 

Also, the MAC address will be that of the virtual server VLAN.

 

How, after receiving traffic, does LTM send traffic to that particular VS?

 

And when LTM fails over, I think it sends GARP to update other network elements connected to LTM.

 

And is the GARP generated just for the VLAN or for the virtual servers?

 

Thanks

 

1 Reply

  • How the traffic gets to the BIG-IP depends on whether the virtual servers are on the same IP network that is on the Self-IP/VLAN, or a completely different IP network.

     

    Option 1: Virtual Server is on the same IP network as Self-IP and next-hop router. In this scenario the BIG-IP and router are directly connected on the same IP network as the Self-IP and virtual servers, so it will ARP out on that IP network/VLAN, at which point the BIG-IP will respond with its MAC address on that VLAN. That is the MAC address that the router will use to forward the traffic to the LTM on that IP network. (This changes when using MAC masquerade, which I talk about a little later.)

     

    Option 2: Virtual servers are on a different IP network than the Self-IP and the router. In this scenario a static route has to be configured on the router that has the IP network of the virtual servers, and the next-hop will be the Self-IP on the BIG-IP that is on the same IP network.

     

    The MAC addresses are part of the VLAN, if you have a High Availability configuration with multiple units and configure MAC masquerade. If your network configuration is like Option 1, the MAC masquerade address will be the one used for all floating Self-IPs and the virtual servers.

     

    More details on MAC masquerade: https://support.f5.com/kb/en-us/solutions/public/13000/500/sol13502.html

     

    For matching virtual servers, it attempts to find the most specific match in the following order: destination address, source address and then port.

     

    More details on how it will match the virtual servers can be found here:

     

    https://support.f5.com/kb/en-us/solutions/public/14000/800/sol14800.html

     

    When the LTM fails over it will send out a GARP for all IP addresses that are on the same IP network as Self-IP addresses that it has configured. If the network configuration is Option 2, the router or next hop devices don't have ARP entries for the virtual servers and we will not send a GARP for virtual servers. If the network configuration is like Option 2 then it will send a GARP for all the virtual servers too.
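
The matching order given in the reply (destination address, then source address, then port) can be modelled in a few lines to check which listener a given connection would land on, for example to see whether a wildcard-port or network virtual server picks up traffic that no specific listener handles. This is an added example, not part of the original thread and not F5 code: it is a simplified model of the stated order only, and the virtual server names, addresses and the use of port 0 for "any port" are constructed assumptions.

```python
import ipaddress

# Constructed sample virtual servers (names and addresses are made up).
# destination/source are CIDR strings; port 0 stands for "any port" here.
VIRTUAL_SERVERS = [
    {"name": "vs_http",      "destination": "1.2.3.4/32", "source": "0.0.0.0/0",  "port": 80},
    {"name": "vs_http_mgmt", "destination": "1.2.3.4/32", "source": "10.0.0.0/8", "port": 80},
    {"name": "vs_any_port",  "destination": "1.2.3.4/32", "source": "0.0.0.0/0",  "port": 0},
    {"name": "vs_network",   "destination": "1.2.3.0/24", "source": "0.0.0.0/0",  "port": 0},
]


def match_virtual_server(dst_ip, src_ip, dst_port, virtual_servers=VIRTUAL_SERVERS):
    """Return the name of the most specific matching listener, or None."""
    dst = ipaddress.ip_address(dst_ip)
    src = ipaddress.ip_address(src_ip)
    candidates = []
    for vs in virtual_servers:
        dst_net = ipaddress.ip_network(vs["destination"])
        src_net = ipaddress.ip_network(vs["source"])
        # A listener is a candidate only if destination, source and port all fit.
        if dst not in dst_net or src not in src_net:
            continue
        if vs["port"] not in (0, dst_port):
            continue
        # Rank in the order given in the reply: longest destination prefix,
        # then longest source prefix, then a specific port over "any port".
        key = (dst_net.prefixlen, src_net.prefixlen, vs["port"] != 0)
        candidates.append((key, vs["name"]))
    if not candidates:
        return None  # no listener matches this connection
    return max(candidates)[1]


if __name__ == "__main__":
    # Constructed connections: (destination, source, destination port).
    for conn in [("1.2.3.4", "203.0.113.7", 80), ("1.2.3.4", "10.1.1.1", 80),
                 ("1.2.3.4", "10.1.1.1", 443), ("1.2.3.9", "10.1.1.1", 22)]:
        print(conn, "->", match_virtual_server(*conn))
```

The third and fourth sample connections show the case worth auditing: ports with no dedicated listener are still accepted when a wildcard-port or network virtual server covers the destination.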