Forum Discussion

Albert_Coll's avatar
Apr 08, 2021

Problem when attempting to route between two route domains.

Hello,

 

I have this scenario

  • A front-end vlan (vlan_one), belonging to Route Domain #1
  • A back-end vlan (vlan_two), belonging to Route Domain #2
  • Some virtual servers in between, to balance traffic from the front-end users to the back-end servers.

 

Now, some administrators behind a firewall connected to the front-end (vlan_one) need to reach the back-end servers directly. So that routing between Routing Domains #1 & #2 should be enabled.

 

How can I perform the routing between both Route Domains?

I disabled the "strict isolation" on both Route Domains, plus within the Route Domain #1 (Front-End) I set the Route Domain #2 (Back-End) as his parent Domain.

But the routing does not seems to work.

Do you think this is the right way to do that? Or did I left something?

 

Regards in advance.

 

  • Thank you both for your inputs. By using tcpdump and other features at the perimeral firewall, we realized that the problem was not caused at the BIG-IP LTM itself, but in the firewall configuration.

    Best regards.

  • Hello Albert.

    Take into account this:

    "When you create a route domain, you can associate a parent route domain. When the BIG-IP system is unable to find a necessary route in the child domain, the system can then search an associated parent route domain for a possible route."

    I suspect that you have one route configured in your child domain to reach your destination. You can check with:

    ip route

    ​Anyway, your best chance is to route traffic between route domains using an external router.

    Regards,

    Dario.