Virtual Server Attributes

Question

Hi
  When configuring virtual server i'm not sure what these options meant for?&nbsp;
1.Auto last hop
  2.Client clone
  3.Server clone
  4.Source port&nbsp;

jad_tabbara__j1 · Answer

Hello Chaithy, &nbsp;
1) Auto Last Hop &nbsp;
"When enabled, allows the system to send return traffic to the MAC address that transmitted the request, even if the routing table points to a different network or interface. As a result, the system can send return traffic to clients even when there is no matching route. For example, if the system does not have a default route configured and the client is located on a remote network. This setting is also useful when the system is load balancing transparent devices that do not modify the source IP address of the packet. Without the last hop option enabled, the system could return connections to a different transparent node, resulting in asymmetric routing. You can configure this setting globally and on an object level. You set the global Auto Last Hop value on the System :: Configuration :: Local Traffic :: General screen. To configure this setting globally, retain the Default setting. When you configure Auto Last Hop with a value other than Default at the object level, its setting takes precedence over the global setting. This enables you to configure auto last hop on a per-virtual server basis. The default is Default, meaning that the system uses the global auto-lasthop setting to send back the request."&nbsp;
2) Client Clone 
By adding a pool to this setting, the F5 will clone (copy) all traffic between the client and VS and send it to that pool. &nbsp;
3) Server Clone 
By adding a pool to this setting, the F5 will clone (copy) all traffic between the server and VS and send it to that pool&nbsp;
4) Source Port 
This settings affects the source port of the server side socket (btw the selfIP and the pool member) &nbsp;
Options&nbsp;

Preserve (default) : the system preserves the value for the source port, unless the source port is already in use, in which case the system uses a different port. &nbsp;

Preserve Strict : the system preserves the value configured for the source port. If the port is in use, the system does not process the connection (for special case such as UDP, nPath routing,...)

Change : the system changes the source port&nbsp;

Example 1 : with option "Preserve"&nbsp;
client side connection : src_IPA:port_A --&gt; dst_VIP:port_443&nbsp;
server side connection : selfIP:port_A --&gt; dst_poolmember:port_443&nbsp;
Example 2 : with option "Change"&nbsp;
client side connection : src_IPA:port_A --&gt; dst_VIP:port_443&nbsp;
server side connection : selfIP:port_B --&gt; dst_poolmember:port_443&nbsp;
As you can see, first case the port_A was preserved and in the second example port_A was change to port_B. &nbsp;
Hope it helps&nbsp;
Regards&nbsp;

Forum Discussion

Virtual Server Attributes

1 Reply

Recent Discussions

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

Check a Virtual Server's SSL Status

Virtual Server graphical App for F5 LTM

virtual server config

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Integrating SSL Orchestrator with Fortinet FortiGate Virtual Edition as a Virtual Wire