Forum Discussion

Ed_Martens's avatar
Jul 15, 2022

Using shared object with BigIP

Hi,
Just a "stupid" question:

Is there a reason  NOT to use Shared object address list's with a VS?

In contrast  using  multiple VS configurations (when only destination address is the difference).

 

Like to hear you thoughts

  • Please lookup your /config/bigip_base.conf for the ACL related configuration objects.

    The shared objects concept may significantly reduce the number of configuration objects, i.e. mixing IPv4/IPv6 source/destination addresse in lists. Same story for destination ports.

  • When using shared objects some ACL mechanisms are applied in the background.

    In the past I saw some issues there (especially in the context of route domains), which seem to be fixed in the current TMOS v15.1.5.1.

    • Ed_Martens's avatar
      Ed_Martens
      Icon for Cirrus rankCirrus

      Hi Stephan,
      Thanks for the response. This is the same version we are running at the moment 😉

      • Please lookup your /config/bigip_base.conf for the ACL related configuration objects.

        The shared objects concept may significantly reduce the number of configuration objects, i.e. mixing IPv4/IPv6 source/destination addresse in lists. Same story for destination ports.