Forum Discussion

Ronnie_Munoz's avatar
Ronnie_Munoz
Icon for Nimbostratus rankNimbostratus
Nov 27, 2018

Trying to create an internal IP virtual server pointed to a load balanced pool for an API call

Pretty simple question, at least I hope. Trying to build a load balanced pool with two members listening on port 9000 for an API call. What type of virtual server would need to be built? I've started with an internal IP address of 192.168.xx.xx and have tried a Performance Layer 4 and a Standard build to no avail. I've used port 9000, port 80, and Any Port on the virtual and still no love. However, if I point my browser to the individual pool members over port 9000 I get a server side response.

 

17 Replies

  • eben's avatar
    eben
    Icon for Nimbostratus rankNimbostratus

    Hi Ronnie,

     

    1. Verify F5 can reach the servers {Ping}
    2. If the servers don't have F5 IP as default gateway, enable SNAT(snat-pool or automap) on your virtual server.

    HTH

     

    • Ronnie_Munoz's avatar
      Ronnie_Munoz
      Icon for Nimbostratus rankNimbostratus
      1. Confirmed the servers are pingable/reachable from the F5. They are passing their health check and the pool is up and ready for traffic.
      2. Auto Map SNAT enabled, that is our default virtual server config build.
    • eben's avatar
      eben
      Icon for Nimbostratus rankNimbostratus

      Share the output of the following;

       

      tcpdump -nni 0.0:nnnp host and port

       

      tmsh list ltm virtual

       

    • eben's avatar
      eben
      Icon for Nimbostratus rankNimbostratus
      1. If the server vlan is not setup on the device(F5), do "tmsh show net route lookup ", get the F5 egress ip address from the output of the cmd and create and add the egress ip add to a snat-pool, apply the snat pool to the virtual server and try again.

         

      2. Set your vs to listen on port 80 and enable port-translation. and also try accessing.

         

      3. How do you access the backend server service (URL)?

         

      4. What version of TMOS are you running?

         

  • Hi Ronnie,

     

    1. Verify F5 can reach the servers {Ping}
    2. If the servers don't have F5 IP as default gateway, enable SNAT(snat-pool or automap) on your virtual server.

    HTH

     

    • Ronnie_Munoz's avatar
      Ronnie_Munoz
      Icon for Nimbostratus rankNimbostratus
      1. Confirmed the servers are pingable/reachable from the F5. They are passing their health check and the pool is up and ready for traffic.
      2. Auto Map SNAT enabled, that is our default virtual server config build.
    • eben_259100's avatar
      eben_259100
      Icon for Cirrostratus rankCirrostratus

      Share the output of the following;

       

      tcpdump -nni 0.0:nnnp host and port

       

      tmsh list ltm virtual

       

    • eben_259100's avatar
      eben_259100
      Icon for Cirrostratus rankCirrostratus
      1. If the server vlan is not setup on the device(F5), do "tmsh show net route lookup ", get the F5 egress ip address from the output of the cmd and create and add the egress ip add to a snat-pool, apply the snat pool to the virtual server and try again.

         

      2. Set your vs to listen on port 80 and enable port-translation. and also try accessing.

         

      3. How do you access the backend server service (URL)?

         

      4. What version of TMOS are you running?

         

  • This seems to have been completely my bad. I did not have a firewall rule from our F5's floating IP down to the servers in the pool. I overlooked that part of my build when I noticed the pool was already up and accepting traffic. Thanks for your suggestions though eben, your troubleshooting did help me!