Forum Discussion

BrianT_208154's avatar
BrianT_208154
Icon for Nimbostratus rankNimbostratus
Aug 13, 2015

IP Fowarding

We are trying to migrate a server off of our vlan 2 (172.20.2.0/23) and move it to vlan 212 (172.20.212.0). However our clients will still try to communicate with the host on vlan 2. I thought by using the ip fowarder iapp this would get the job done. So I set the virtual server to the 172.20.3.145 address and selected auto nat. This didnt work so I setup a SNAT pool with the new IP 172.20.212.46). This also didnt work. I then called support and I was advised that this would require irule. Would anybody know how to accomplish this?

 

4 Replies

  • Dayne_Miller_19's avatar
    Dayne_Miller_19
    Historic F5 Account

    Hi Brian- I'm not entirely clear on your scenario, but you shouldn't need an iRule. However, which of these describes what you're trying to do?

     

    1. Have clients still believe they're talking to server on its old IP address on VLAN 2, but that IP address is now a virtual server on the BIG-IP (presumably the 172.20.3.145 address). If that's the case, you just need to build a "Standard" virtual server--not "Forwarding (IP)"--enable SNAT, and have it send traffic to a one-member pool that contains the 172.20.212.46 server.
    2. Use BIG-IP as a router. This would assume clients know about the new address of the server, so I don't think this is what you mean. However, if it is, this is when you'd choose "Forwarding (IP)" as the virtual server type. The destination in that case would be either the migrated server's new IP address (Host) or the entire subnet (Network), depending on how specific you want to be. You don't assign a pool to forwarding virtual servers. You'd want to enable SNAT. Clients would have to have a route to the new network that uses the self-IP address of the BIG-IP on VLAN 2 as the gateway.

    Let me know if either of those (probably solution 1) works for you.

     

    • Greg_Crosby_319's avatar
      Greg_Crosby_319
      Historic F5 Account
      Another potential option is to use nat which might be useful in the event you do not want to delineate ports or inspect traffic. The option is also under the network translation menu. Your origin address would be the new ip, and the nat address would be the old server address.
  • Thank you for both replies. As soon as I get another I will try both methods and see what works best, we have a bunch of servers that will be moving to new subnets in near future. As for now the one we tried yesterday remained on the old subnet.