Whether you implement an ECMP-based all-active device group using SNAT Auto Map or by creating SNAT pools, you must first perform some basic Traffic Management Operating System (TMOS) tasks. These basic tasks pertain to licensing and DNS confirmation, and NTP server configuration, followed by tasks to create VLANs and self IP addresses. Other tasks pertain to creating a BIG-IP device group along with an administrative partition for local traffic objects.
After configuring these TMOS objects, you can choose to implement either the SNAT Automap or the SNAT pool use case.
On each BIG-IP device that you intend to include in the cluster, you must verify that the license includes the advanced routing modules for dynamic routing.
VLANs represent a logical collection of hosts that can share network resources, regardless of their physical location on the network. You create a VLAN to associate physical interfaces with that VLAN. For this implementation, F5 Networks recommends that you create three VLANs on each BIG-IP device: a VLAN for the external network, a VLAN for the internal network, and a VLAN for high availability communications.
Self IP addresses enable the BIG-IP system, and other devices on the network, to route application traffic through the associated VLAN. For this implementation, you perform this task on each BIG-IP device to create a unique static self IP address for each of the three VLANs (external, internal, and high availability). In this task, you replace any sample self IP names or IP addresses with the relevant self IP names or addresses for your network.
For example, you can type ffff:ffff:ffff:ffff:0000:0000:0000:0000 or ffff:ffff:ffff:ffff::.
This table shows sample IP addresses for BIG-IP devices, along with explanatory information.
|BIG-IP device||Self IP address||Associated VLAN||Purpose|
|Bigip_1||220.127.116.11||External||The upstream ECMP router uses this address to load balance traffic to the virtual server on Bigip_1.|
|10.1.1.2||Internal||This is the address that other device group members use when synchronizing a configuration to Bigip_1.|
|10.1.2.2||High availability||This the address that other device group members use for high availability communications with Bigip_1.|
|Bigip_2||18.104.22.168||External||The upstream ECMP router uses this address to load balance traffic to the virtual server on Bigip_2.|
|10.1.1.3||Internal||This is the address that other device group members use when synchronizing a configuration to Bigip_2.|
|10.1.2.3||High availability||This the address that other device group members use for high availability communications with Bigip_2.|
|Bigip_3||22.214.171.124||External||The upstream ECMP router uses this address to load balance traffic to the virtual server on Bigip_3.|
|10.1.1.4||Internal||This is the address that other device group members use when synchronizing a configuration to Bigip_3.|
|10.1.2.4||High availability||This the address that other device group members use for high availability communications with Bigip_3.|
Before you begin this task, verify that:
You perform this task to establish trust among devices on one or more network segments. Devices that trust each other constitute the local trust domain. A device must be a member of the local trust domain prior to joining a device group.
By default, the BIG-IP software includes a local trust domain with one member, which is the local device. You can choose any one of the BIG-IP devices slated for a device group and log into that device to add other devices to the local trust domain. For example, devices Bigip_1, Bigip_2, and Bigip_3 each initially shows only itself as a member of the local trust domain. To configure the local trust domain to include all three devices, you can simply log into device Bigip_1 and add devices Bigip_2 and Bigip_3 to the local trust domain; there is no need to repeat this process on devices Bigip_2 and Bigip_3.