nPath routing allows you to route outgoing server traffic around the BIG-IP Controller directly to an outbound router. This method of traffic management increases outbound throughput because packets do not need to be transmitted to the BIG-IP Controller for translation and forwarding to the next hop.
To use nPath routing, you must configure the BIG-IP Controller so that it does not translate the IP address or port of incoming packets. This is important because packets must not be translated when they are outbound to the router. To avoid translation of incoming, or destination packets, you must define virtual servers with address translation turned off.
The following tasks are required to configure the BIG-IP Controller to use nPath routing:
You can disable address translation on any virtual server. Turning off address translation is necessary for nPath routing. The following two procedures describe how to create a virtual server in the Configuration utility and then how to turn address translation off for the virtual server.
After you create a virtual server, you must turn address translation for the virtual server off.
Enter the bigpipe vip command as shown below to create the virtual server mapping. Note that you must turn off address translation for the virtual server you create.
bigpipe vip <virtual IP>:<port> define <node IP>:<port> \
<node IP>:<port>... <node IP>:<port>
For example, the following command defines a virtual server that maps to three nodes. After you create the virtual server, you must turn off address translation. Use the following syntax to turn off address translation for the virtual server.
bigpipe vip <vip>:<port> translate addr [ enable | disable ]
For example, use the following command to turn off address translation for the virtual server 184.108.40.206:80.
bigpipe vip 220.127.116.11:80 translate addr disable
A route must be defined through the BIG-IP Controller on the inbound router in your network configuration. This route should be the IP address (or alias) for the server, or servers, for which you want to set up nPath routing. The gateway should be the external shared IP alias of the BIG-IP Controller.
For information about how to define this route, please refer to the documentation provided with your router.
With nPath routing, the BIG-IP Controller cannot track the normal FIN/ACK sequences made by connections. Normally, the BIG-IP Controller shuts down closed connections based on this sequence. With nPath routing, the idle connection time-out must be configured to clean up closed connections. You need to set an appropriate idle connection time-out value so that valid connections are not disconnected, and closed connections are cleaned up in a reasonable time.
To set the idle connection time-out in the /etc/bigip.conf file, edit the following lines:
treaper <port> <seconds>
udp <port> <seconds>
The <seconds> value is the number of seconds a connection is allowed to remain idle before it is terminated. The <port> value is the port on the wildcard virtual server for which you are configuring out of path routing. The recommended value for the TCP and UDP connection timeouts is 10 seconds.
You must configure your servers differently to work in nPath mode. The IP address of the server (18.104.22.168 in Figure 8.1) must be placed on what is known as the loopback interface. A loopback interface is a software interface that is not associated with an actual network card. It allows a server to respond to an IP address without advertising it on a network. Most UNIX variants have a loopback interface named lo0. Microsoft Windows has an MS Loopback interface in its list of network adaptors. Consult your server operating system documentation for information about configuring an IP address on the loopback interface. The ideal loopback interface for the nPath configuration does not participate in the ARP protocol, because that would cause packets to be routed incorrectly.
In this configuration, you must configure the BIG-IP Controllers, the router, and each web server. The following procedures describe each configuration task.
Use the following commands to configure the BIG-IP Controllers in this example (Figure 8.1, number 1):
bigpipe vip 22.214.171.124:80 define 10.1.1.11:80
bigpipe vip 126.96.36.199:80 translate addr disable
bigpipe vip 188.8.131.52:80 define 10.1.1.11:80
bigpipe vip 184.108.40.206:80 translate addr disable
Set up the following configuration on the router (Figure 8.1, number 2)
This router has a route to the 220.127.116.11 network through BIGip 18.104.22.168.
Set up the following configuration on the web servers (Figure 8.1, number 3)
The web servers have an HTTP service listening on address 22.214.171.124, port 80. The address 126.96.36.199 is bound to the loopback device. Their default route is 10.1.1.1.