Transparent load balancing without F5 as a gateway

Question

Hi everybody,&nbsp;
I search if one think is possible.&nbsp;
I have scheme like that :&nbsp;
Client IP    ----&gt;     F5 VS IP      ----&gt;       Servers IP&nbsp;
198.18.0.1     ----&gt;     192.0.2.1:3128     ----&gt;      172.16.1.11:3128 and 172.16.1.12:3128    
&nbsp;
I want that the servers can see the client IP and respond to this passing by the F5 (like in the scheme here).&nbsp;
&nbsp;
It is easy for instance and it is the normal working for the F5 load balancing.&nbsp;
But I want to know if we can keep this working if the F5 is not the gateway of the servers. Indeed, I have a network with some servers (and services) which have the normal gateway. But, for some services, I want that the services are load balancing. But I don't want that the F5 is the gateway of the services.&nbsp;
Is there a fonctionality on the F5 which could permit that ? I am not sure so I prefer asking.&nbsp;
Thanks a lot in advance.&nbsp;
Regards,&nbsp;
Agathe&nbsp;

kevin_k_51432 · Answer

Greetings,&nbsp;
This sounds like a forwarding virtual server. The section "Emulating stateless IP routing with BIG-IP LTM forwarding virtual servers" discusses this in more detail:&nbsp;
https://support.f5.com/csp/article/K7595&nbsp;
Hope this is helpful!&nbsp;
Kevin&nbsp;

agathe_309970 · Answer

Yes it could be great. Thanks a lot.&nbsp;
Just a precision, is it possible to affect a pool to load balance with this virtual server type ? For example with a iRule ?&nbsp;
Thank you.&nbsp;
Agathe&nbsp;

kevin_k_51432 · Answer

iRules will work, provided you don't attempt to inspect or modify packets above layer 3. &nbsp;
The pool question's not entirely clear to me.&nbsp;
Thanks!&nbsp;
Kevin&nbsp;

agathe_309970 · Answer

In fact, behind the F5, I have a pool of servers (2 for instance) that I want to load balance. These servers provide the service but need to obtain the client IP to do filtering. With that, if the F5 is not the gateway of these servers, the responses go directly to the client which doesn't know the IP source (the server IP) so the returns packets are never taken into account.&nbsp;
I don't know if it is possible but the aim is to do that. I will test with the forwarding virtual server and the iRule. I will tell you if it works.&nbsp;
Thank!&nbsp;
Agathe&nbsp;

Forum Discussion

Transparent load balancing without F5 as a gateway

4 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

Port Group on F5OS network setting

Advise on setting up IRULE

F5 iRule to replace host to path

google-visualization-issues

Related Content

Transparent Load Balancing in Azure

Integrating SSL Orchestrator with McAfee Web Gateway-Transparent Proxy

Integrating SSL Orchestrator with Symantec ProxySG: Transparent Proxy

Active/Active load balancing examples with F5 BIG-IP and Azure load balancer

Integrating SSL Orchestrator with CheckPoint Firewall VM-Transparent Proxy