Select Page

BIG-IP LTM VS: The Addresses

by | 8-Mar-2020 | ADC, F5, LTM

Applied version

  • BIG-IP LTM
    Focus on version 15.X, 14.X
    Less focus on earlier version

BIG-IP LTM Virtual Servers: The Addresses

About The Virtual Server Address

The BIG-IP system uses the destination address, source address, and service port for

  • Match the new inbound connections to a Virtual Server
  • Those also to determine the order of precedence applied to new inbound connections.

 

When a connection matches multiple virtual servers, the BIG-IP system uses an algorithm that places virtual server precedence in the following order:

  • Destination address
  • Source address
  • Service port

 

VS Destination Address

When creating a virtual server, you must specify a destination address.

This destination address is a combination of IP address and Service Port address, you can specify:

  • IP address
    • Can be an IPv4 or IPv6 address
    • Can be a single IP address: 200.123.123.123
    • Can be a range of IP addresses: 200.123.123.0/30
    • Can be a list of IP addresses: “200.123.123.0/30”, “200.123.123.100-200.123.123.110”, “200.123.123.123”, “200.123.123.124”
      • *Create the list first “Shared Objects ›› Address Lists ›› Create”
  • Service Port address
    • Can be a “Wildcard VS”: 0
    • Can be a “Port-specific VS”: 80
    • Can be a list of Port addresses: 80, 443, 5000-5123
      • *Create the list first “Shared Objects ›› Port Lists ›› Create”

 

VS Source Address

When creating a virtual server, you have option to specify source addresses.

  • IP address
    • Can be an IPv4 or IPv6 address
    • Can be a single IP address: 100.1.1.1
    • Can be a range of IP addresses: 100.1.1.0/24
    • Can be a list of IP addresses: “100.1.1.0/30”, “100.1.1.100-100.1.1.110”, “100.1.1.5”, “100.1.1.6”
      • *Create the list first “Shared Objects ›› Address Lists ›› Create”

 

About Virtual Address

You create a virtual address indirectly when you create the first VS with a destination address that includes the creation of virtual address.

  • For example, if you create a VS with a destination address of 200.123.123.123:80, the BIG-IP system automatically creates the virtual address 200.123.123.123.
    • In most cases, you don’t need to explicitly create a virtual address.

 

You can explicitly create a virtual address through CLI TMSH.

  • This give you ability to use custom name for virtual address, this can be achieve by:
    • First, create a virtual address with custom name and address of 200.123.123.123
      • > create ltm virtual-address ADDRESS1 address 200.123.123.123 mask 255.255.255.255 enabled yes icmp-echo always
    • After that, create a virtual server 200.123.123.123:80
  • A virtual address without virtual server won’t do anything
    • This virtual address won’t even reply to ICMP even make it always availabe
      • > ICMP Echo: Always
      • > Availability Calculation: Always

 

You perform this task to modify a virtual address on the BIG-IP system.

On the Main tab, click “Local Traffic ›› Virtual Servers: Virtual Address List ›› click the name of the relevant virtual address”.

  • Name: The name that you assign to the virtual address (via TMSH). This name can match the virtual IP address itself.
  • Partition / Path: The pathname indicating the partition/folder in which the virtual address resides.
  • Address: The IP address of the virtual server, excluding the service.
  • Traffic Group: The traffic group that contains this virtual IP address.
  • Availability: The availability of the virtual address with respect to service checking.
  • State: The state of the virtual address, that is, enabled or disabled.
  • Auto Delete: A directive that the system should automatically delete the virtual address with the deletion of the last associated virtual server. When cleared (disabled), this setting specifies that the system should retain the virtual address even when all associated virtual servers have been deleted.
  • Availability Calculation: The virtual-server conditions for which the BIG-IP system should advertise this virtual address to an advanced routing module. This setting only applies when the Route Advertisement setting is enabled (checked). Possible values are:
    • When any virtual server is available
    • When all virtual server(s) are available
    • Always
  • Connection Limit: The number of concurrent connections that the BIG-IP system allows on this virtual address.
  • ARP: A setting that enables or disables ARP requests for the virtual address. When this setting is disabled, the BIG-IP system ignores ARP requests that other routers send for this virtual address.
  • ICMP Echo: Specifies how the system sends responses to ICMP echo requests on a per-virtual address basis. When enabled, the BIG-IP system intercepts ICMP echo request packets and responds to them directly. When disabled, the BIG-IP system passes ICMP echo requests through to the backend servers.
    • Disabled: Does not send ICMP responses.
    • Always: Always sends ICMP responses, regardless of availability status. This requires an enabled virtual address.
    • Selective: Internally enables or disables responses based on virtual server state: any virtual server, all virtual servers, or always, regardless of the state of any virtual server.
      • *For Selective, you must configure each relevant virtual server to notify the virtual address of its status.
    • Any: Responds when any virtual server is available.
    • All: Responds only when all virtual servers are available.
    • Route Advertisement: A setting that inserts a route to this virtual address into the kernel routing table so that an advanced routing module can redistribute that route to other routers on the network. Possible values are:
      • Disabled: Does not advertise the route for the virtual address, regardless of the availability status
      • Enabled: Advertises the route for the available virtual address, based on the calculation method selected in the Availability Calculation list.
      • Always: Always advertises the route for the virtual address, regardless of availability status. This requires an enabled virtual address.
      • Selective: You can also selectively enable ICMP echo responses, which causes the BIG-IP system to internally enable or disable responses based on virtual server state: any virtual server, all virtual servers, or always, regardless of the state of any virtual server.
      • Any: Advertises the route for the virtual address when any virtual server is available.
      • All: Advertises the route for the virtual address when all virtual servers are available.

    Recent Comments

      0 Comments

      Submit a Comment

      Your email address will not be published. Required fields are marked *