Forum Discussion

Steffen_87645's avatar
Steffen_87645
Icon for Nimbostratus rankNimbostratus
Jun 26, 2015

Problems with 2 route domain setup

Hello,

we have a BigIP with internal and external network.

We need two different routing tables for

  • external traffic connection to the VIPs and
  • internal traffic from the BigIPs to the nodes.

So I created in /common a route domein (%1) as child of the default domain. I put the external self IPs into %1 and created routes for the external world.

The internal self IPs and the nodes are in domain 0 (no %1).

The BigIP can see the nodes (all monitors of all nodes show "up".

I can connect from external to the VIPs, but I do not get a valid HTML answer. E.g.

telnet mybigip.example.com 80
Connected to mybigip.example.com.
Escape character is '^]'.
GET / HTTP/1.1
Host: mybigip.example.com
Connection: close

Connection closed by foreign host.

I monitored the internal and external interfaces with tcpdump. I can only see the monitoring traffic to the nodes, but nothing related to my request.

The same configuration without second routing domain is working fine.

Has anyone a suggestion? Thanks in advance, Steffen

2 Replies

  • Amolari, thanks!

     

    The nodes are in routing domain 0.

     

    I can telnet from routing domain 0 to then nodes on port 80. If I use rdsh / rdexec to telnet from %1, I get blocked on oor firewall and find this in the log.

     

    tcpdump works on internal (default routing domain) and external (domain %1). I can see traffic.

     

    But if I send a request to the VIP, I see not outgoing packets.

     

    • neiter on internal interface (monitored with tcpdump on BigIP and node)
    • nor on external interface (monitored with tcpdump amd no logs on firewall).

    So obviously the BigIP is sending nothing out. :-(

     

    Any logs to consider?

     

    Thanks, Steffen