Hi all,
I have a pair of Big-IP v9.1.1 connected to a pair of firewalls like this :
Internet --> Firewall --> Big-IP --> Servers
Firewalls use VRRP.
In order to access to servers, I configured a forwarding virtual server :
virtual address A.B.C.X {
arp disable
mask 255.255.255.0
}
virtual Fwding_to_Servers {
destination A.B.C.X:any
ip forward
lasthop pool Pool_Gateway
mask 255.255.255.0
vlans Interco_Nokia_F5 enable
}
pool Pool_Gateway {
monitor all gateway_icmp
member W.X.Y.Z:any
}
When traffic comes from the Internet to servers, the firewall sends
paquets to the Big-IP with its own MAC address.
When traffic comes back to the firewall, the Big-IP uses the real
firewall MAC address instead of the VRRP MAC address.
This is a problem because when when we have a firewall failover, the
Big-IP uses the wrong MAC address.
I configured a lasthop pool for my forwarding Virtual server but it
didn't resolve the problem.
Does anybody have an idea for a workaroud ?
Best regards,
Nicolas
____________________
The Load Balancing Mailing List
Unsubscribe: mailto:majordomo@vegan.net?body=unsubscribe%20lb-l
Archive: http://vegan.net/lb/archive
LBDigest: http://lbdigest.com
MRTG with SLB: http://vegan.net/MRTG
Hosted by: http://www.tokkisystems.com
Received on Wed Apr 26 05:12:38 2006
This archive was generated by hypermail 2.1.8 : Wed Apr 26 2006 - 05:36:15 EDT