Forum Discussion

Sarah_258804's avatar
Sarah_258804
Icon for Cirrus rankCirrus
May 05, 2016

In one-arm mode, do my pool member servers have to be in the same network as the vIP/self-IP?

Reading through the LTM Implementation Worksheet and it says:

 

"In a one-arm network, the Virtual IP (VIP) is on the same IP address space as the pool member servers. A one-arm network typically requires the source IP to be SNAT'ed to the floating IP address of the LTM when the packet is sent to the server. In a one-arm configuration, the server's default gateway is a network device such as a switch or router."

 

Is this the only way or can I have my pool members in a different network/subnet as my self-IP and vIP?

 

aci
application delivery
BIG-IP
cisco aci
LTM

3 Replies

Sort By
  • Sarah_258804's avatar
    Sarah_258804
    Icon for Cirrus rankCirrus
    May 05, 2016
    Awesome, thanks Pete. I was pretty sure that it could be done without having the pool members in the vIP subnet, however the way it was worded in the worksheet made it sound like there was only one way this could be configured.
  • pete_71470's avatar
    pete_71470
    Icon for Cirrostratus rankCirrostratus
    May 08, 2016

    We run mostly in one-arm mode and there are no VIPs in the server networks. No problems. I think the worksheet is a guideline for sensible deployments. You can concurrently have inline and one-arm configurations on the same appliance successfully. We do this and have no issues.

     

    • IanB's avatar
      IanB
      Icon for Employee rankEmployee
      May 08, 2016
      Just to add to that, there's no such thing as one armed "mode".. it's not a switch or an option that can be turned on. All it describes is a situation where that the requests to the pool members happen to go out on the same vlan that the requests to the vip came in on.