Forum Discussion
Hi,
It is logical that both virtual servers will forward traffic to the same interface, they are in the same route domain and share the same routing table.
The only way to get this working is to create a Performance L4 VS on the input VLAN with a load balancing pool. ( set translate address and port to off ). In this pool configure the gateway as a pool member (the gateway of the corresponding partition.
Cheers,
Kees
- M_RahmJun 19, 2019Nimbostratus
Kees,
Thanks for your response. This makes sense but we need the policy based routing which will forward to the appropriate gateway from F5 based on the Source Address and will have to do SNAT too. I have attached the following iRule on the UAT VS but it's sending to the same gateway as Prod VS is. For example, I have a static route (16.15.19.33/32) pointing to 10.17.131.1 configured in Prod Partition and 16.15.19.32/30 pointing to 10.17.7.1 in UAT partition.
Four servers (2 in each pool) are going to the same destination, 16.15.19.33.
The question is, while adding the iRule in the L3 forwarding Virtual Server at the GUI, will I have to leave the Source Address blank (0.0.0.0) and SNAT option as "none". And leave the static route as it is or remove it. Been trying to find a solution for this for more than 3 weeks now :-). Any suggestion would be greatly appreciated. Thanks again.
Note: The Source IP addresses are in 2 different partitions so the following iRule gave an error while configuring in AT Partition saying it could not find the snatpool SNAT_SD_Prod_Pool_131.103.
when CLIENT_ACCEPTED {
if { [IP::addr [IP::client_addr] equals 10.17.131.0/27] } {
snatpool SNAT_SD_Prod_Pool_131.103 member 10.17.131.103
node 10.17.131.1
} elseif { [IP::addr [IP::client_addr] equals 10.17.7.12/30] } {
snatpool SNAT_SD_UAT_Pool_7.106 member 10.17.7.106
node 10.17.7.1
}
}
So changed it to the following in the UAT partition but still the traffic was being sent to Prod Firewall Interface which belongs to the Prod Partition.
when CLIENT_ACCEPTED {
if { [IP::addr [IP::client_addr] equals 10.17.7.12/30] } {
snatpool SNAT_SD_UAT_Pool_7.106 member 10.17.7.106
node 10.17.7.1
}
}