Ken_51674
Sep 19, 2013 Nimbostratus
Multiple "Outside" interfaces and routing lookups
Tech Gurus,
I currently have a basic setup for load balancing consisting of an "outside" VIP subnet along with an "inside" POOL subnet. A firewall borders the "Outside" interface and NATs public addresses to the VIP addresses, which allows the LTM to load balance. All is well.
We now would like to move another subnet (load balanced via a different LTM) underneath this F5 and not have to change any addresses associated with the devices either "Outside" or "Inside". This new "outside" subnet will hang off another interface on the FW and we'll need to add another interface on the LTM as well. The "inside" POOL subnet can stay the same, as it is currently a transit VLAN which allows the "Pools" to sit anywhere. The new proposed setup would be 2 "Outside" LTM interfaces on different VLANs/subnets attached to two different firewall interfaces, along with the single "Inside" LTM interface.
Here's my question surrounding the LTM and routing a packet. Today we have a default route on the LTM pointing out the current "Outside" interface to the border firewall. When I add the second "Outside" interface, how will the LTM choose which "Outside" interface to send the packet through? I'm wondering what the LTM will do when it gets a packet from a pool member, translates it to the corresponding VIP address, and now needs to send it out. Does it look to see what interface to send it on by which VIP address it translated it to, or does it look at the routing table and forward the packet via the route table lookup? Does the VIP address matter (from a forwarding perspective) after the translation from pool member to VIP address takes place? I.e., will the LTM forward the packet on the VIP interface it just translated the pool member to, or look to the routing table?
Thanks! Ken