Forum Discussion

Andre-Germany's avatar
Andre-Germany
Icon for Nimbostratus rankNimbostratus
Nov 06, 2018

FORWARDING Virtual Server in the same Network with default Router

I have the following situation, the F5 cluster, the servers and the default router are in the same network. Now the requirement is that the servers should see the original Sorce IP. Since the servers also have to communicate so outward, I have built a forwarding VS on the F5. My idea behind it was that the servers should use the F5 as Deafult router and the F5 forwards the packets further to the default router in the network. Unfortunately, I do not see that the F5 forwards the packets to the Deafut router. Does anyone have an idea what this could be? Which IP of the F5 need the servers as default router? The Floating IP?

 

application delivery
LTM
security

2 Replies

Sort By
  • Philip_Jonsson's avatar
    Philip_Jonsson
    Icon for MVP rankMVP
    Nov 06, 2018

    Can you please post the configuration details of the forwarding VS? That way we can determine how you have configured your BIG-IP and what we might have to change.

     

  • Kevin_Stewart's avatar
    Kevin_Stewart
    Icon for Employee rankEmployee
    Nov 06, 2018

    A "router" implies that it's routing between separate subnets. And assuming you don't have a single physical path through the F5, the firewall can just respond directly to the server IP if that's the source address it sees. The simplest option is to SNAT the traffic but then of course you lose the source IP to the firewall.

     

    You could also use a nexthop command in an iRule to force traffic to a VLAN and nexthop MAC (the firewall), but again that may not work in the reverse path.