Wildcard VS does not forward traffic on assigned VLAN
Hi there,
I need some help from the community. 🙂
I can't get a wildcard virtual server to match/forward traffic. I've been fighting with this for a few days now. Maybe I'm missing something simple?
Setup is HA pair / BIG-IP 13.1.0.3 Build 0.0.5 Point Release 3
A little background.
I created this wildcard vs in response to the following requirements:
1) Send tcp, udp syslog traffic to new pool (let's call it syslog_pool) in VLAN100
2) Preserve source-ip header for all traffic sent to new pool (No SNAT)
In order to preserve source-ip I set the floating self-ip (172.16.0.6) in VLAN100 as the default gateway for servers in the syslog_pool (instead of usual gateway 172.16.0.1). This is to prevent an asymmetric route with snat automap disabled.
However the default-route on the F5 pair is not appropriate for traffic sourced from these servers destined for external networks.
I tried to solve the default-route problem by sending all traffic sourced from this VLAN back to the correct gateway (pool vlan100_net_gateway [172.16.0.1] in VLAN100) as follows (IPs and VLAN IDs obfuscated):
ltm virtual syslog_ip_route_0 {
    destination 0.0.0.0:any
    mask 255.255.255.255
    pool vlan100_net_gateway
    profiles {
        ip_route_fastl4 { }
    }
    source 0.0.0.0/0
    translate-address disabled
    translate-port disabled
    vlans {
        VLAN100
    }
    vlans-enabled
    vs-index 1540
}
ltm profile fastl4 ip_route_fastl4 {
    app-service none
    defaults-from fastL4
    idle-timeout 300
    loose-initialization enabled
    reset-on-timeout disabled
}
ltm virtual-address 0.0.0.0 {
    address any
    arp disabled
    icmp-echo disabled
    mask 255.255.255.255
    traffic-group traffic-group-1
}
net self 172.16.0.6 {
    address 172.16.0.6/24
    allow-service all
    floating enabled
    traffic-group traffic-group-1
    unit 1
    vlan VLAN100
}
Problem: zero traffic matches this wildcard vs. Stats on the virtual server, the virtual address, and vlan100_net_gateway pool are all zeros.
I can ping the floating-ip (default gateway) from the servers.
I can access any VIP on the F5s (listening on all VLANs) from the servers via floating-ip as default gateway.
I see only SYNs for traffic sent to external networks when watching on the F5s with tcpdump.
I even tried moving VLAN, Self-IPs, Pool and VIP to brand new route domain. Same issue. 0 Traffic.
Any ideas?
Thanks!