Applies To:

Show Versions Show Versions

Manual Chapter: BIG-IP® Network and System Management Guide version 9.2.3: Configuring Routes - 8
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>


8

Configuring Routes


Introducing route configuration

The BIG-IP system must communicate with other routers, servers, and firewalls in a networked environment. Before you put the BIG-IP system into production, we recommend that you carefully review the router and server configurations in your network. By doing so, you can properly configure routing on the BIG-IP system, and you can adjust the routing configurations on other network devices to include various BIG-IP system IP addresses. Depending on how you configure routing, the BIG-IP system can forward packets to a specified network device (such as a next-hop router or a destination server), or the system can drop packets altogether.

Due to its IP routing (layer 3) capabilities, combined with the need to process both user application traffic (for load balancing) and administrative traffic, the BIG-IP system contains two routing tables. The first is the Linux kernel routing table, which stores and retrieves information about management routes. Management routes are routes that the BIG-IP system uses to forward traffic through the special management (MGMT) interface.

The other routing table is the main TMM routing table, which stores and retrieves IP routing information about TMM switch routes. TMM switch routes are routes that the BIG-IP system uses to forward traffic through the TMM switch interfaces instead of through the management interface.

Unless noted otherwise, the remainder of this chapter describes how to configure TMM switch routes only. For more information on configuring routes for the management interface, see Routing traffic through the management interface , and Chapter 4, Configuring the BIG-IP Platform and General Properties .

Understanding the TMM routing table

The purpose of the TMM routing table is to store essential routing information for traffic passing through the TMM system. The BIG-IP system creates a routing table automatically when you configure its local interfaces. Once the routing table is created, there are two ways to maintain it:

  • You can add entries to the routing table, using the Configuration utility. These entries are called static entries.
  • You can use one or more dynamic routing protocols to automatically update the routing table on a regular basis. These entries are called dynamic entries.

Typically, a routing table on the BIG-IP system contains a combination of static and dynamic entries. The remainder of this section describes how to add and maintain static entries.

You can use the Configuration utility to add static routes to the TMM routing table. When you add an entry to the routing table, you specify a destination host or network, and a gateway through which traffic for that destination should pass to reach the destination address. You can also add an entry for a default route.

On a typical router, you define the gateway for each route as the address for a next-hop router. On the BIG-IP system, however, the gateway that you specify can be any of four different resource types: A next-hop router address, the name of a pool of routers, a VLAN name, or an instruction to reject the packet.

  • A next-hop router address
    A next-hop router address is also known as a gateway address. A gateway address specifies a particular router that the BIG-IP system should use when forwarding packets to the destination host or network.
  • A name of a pool of routers
    Rather than specifying a specific next-hop router, you can specify an entire pool of routers. When you specify this resource type, the BIG-IP system load balances the packets twice, once to a router in the pool of routers, and again to a server in the load balancing pool. Just as with a load balancing pool, the BIG-IP system uses the Round Robin load balancing method by default when forwarding packets to a pool of routers.
  • A VLAN name
    Specifying a VLAN name indicates that the network you specify as a destination in a route entry is directly connected to the BIG-IP system. Therefore, the BIG-IP system can send an ARP request to any host in that network to obtain the MAC address of the destination host.
  • Reject
    Setting the resource type to Reject causes the BIG-IP system to drop packets that are destined for the specified destination IP address.

Configuring the TMM routing table

Using the Configuration utility, you can easily manage the static routes defined in the BIG-IP system's TMM routing table. Specifically, you can:

  • View static route entries in the routing table
  • Add new static route entries to the routing table
  • Modify static route entries in the routing table
  • Delete static route entries from the routing table that no longer apply due to changes in the network

For information on configuring routes for the management interface, see Chapter 4, Configuring the BIG-IP Platform and General Properties .

Viewing the list of static entries

Using the Configuration utility, you can view the list of static entries that you have added to the routing table. Figure 8.1 shows an example of a list containing two static entries. The first entry shows a default route that uses a pool of routers as the resource. The second entry shows a route to a destination host, where the route uses a VLAN as the resource.

 

Figure 8.1 A sample list of static routes

When you view the list of entries, you can see the following information:

  • The destination IP address
    For the destination address, you can see either a default entry, a host destination, or a network address.
  • The netmask
    This is the netmask of the destination address. No netmask appears for the default route.
  • The resource type
    The resource type appears as either Gateway, Pool, VLAN, or Reject.
  • The resource name
    The resource name is either a next-hop-router (gateway) address, a pool name, or a VLAN name.

To view a list of static entries

On the Main tab of the navigation pane, expand Network and click Routes. The Configuration utility displays the list of static entries.

Tip


You can also view static TMM route entries by displaying a section of the /config/bigip.conf file, using the bigpipe command line utility. Simply type the command bigpipe route list all at a command line prompt.

Adding static entries to the TMM routing table

You use the Configuration utility to add static entries to the TMM routing table. A static entry that you add can be either the default TMM route or a non-default TMM route.

Important

We highly recommend that you define a default TMM route. Otherwise, certain types of administrative traffic that would normally use a TMM switch interface might instead use the management interface.

Use the following procedure to add an entry to the TMM routing table. For more detailed information, see Table 8.1 , as well as the sections that follow that table.

Important

Before specifying a pool of routers as a gateway, verify that you have created the pool.

For information on verifying the existence of pool, see To verify the existence of a pool of routers . Before specifying a VLAN as a gateway, verify that you have created the VLAN. For more information, see To verify the existence of a VLAN .

To add a static route

  1. On the Main tab of the navigation pane, expand Network, and click Routes.
    The Routes screen opens.
  2. On the upper-right corner of the screen, click Add.
  3. From the Type list, select Default Gateway or Route.
  4. Note: Selecting Default Gateway disables the Destination and Netmask properties.  
  5. If you selected Route in the previous step, specify two settings:
    1. In the Destination box, type a destination IP address.
    2. In the Netmask box, type the netmask for the IP address you typed in the Destination box.
  6. For the Resource property, select a resource from the list.
    For detailed information on resources, see Specifying a resource .
  7. Click Finished.

Table 8.1 lists and describes the properties that you configure when adding routing table entries. For detailed information on each property, see the sections that follow the table. For background information on static routing-table entries, see Understanding the TMM routing table .

Table 8.1 Configuration properties for adding entries to the routing table
Property
Description
Default Value
Type
Specifies the routing table entry as either a default route or a standard destination address. Possible values are Default Gateway and Route.
Default Gateway
Destination
Specifies an IP address for the Destination column of the routing table. You can only configure this property when you set the Type property to Route. When the Type property is set to Default Gateway, the destination is always shown in the routing table as 0.0.0.0.
0.0.0.0 (when Type is Default Gateway)
No default value (when Type is Route)
Netmask
Specifies the netmask for a destination address. This value appears in the Genmask column of the routing table. You can only configure this property when you set the Type property to Route. When the Type property is set to Default Gateway, the netmask is always shown in the routing table as 0.0.0.0.
0.0.0.0 (when Type is Default Gateway)
No default value (when Type is Route)
Resource
Specifies the particular gateway IP address, pool, or VLAN that the BIG-IP system should use to forward a packet to the destination. Possible values are: Use Gateway, Use Pool, Use VLAN, or Reject.
Note that you typically select Use VLAN for non-default routes only.
Use Gateway

 

Specifying a static route type

You use the Type property to specify the type of static route that you want to define in the routing table. A static route that you add to the TMM routing table can be either of two types: a non-default route or a default route. On the screen for creating a static route entry, a non-default route is simply called a route. A default entry is called a default gateway.

You add a route when you want to provide a route that either corresponds directly to the destination IP address of a packet, or specifies the network portion of the destination IP address of a packet.

You add a default gateway when you want to provide the route that the BIG-IP system should use for forwarding packets when no other entry in the routing table matches the destination IP address of the packet.

Important

The information in this section pertains to the default route for the TMM routing table only, and not for the default management route. For information on configuring the default management route, see Routing traffic through the management interface , and Chapter 4, Configuring the BIG-IP Platform and General Properties .

Specifying a destination IP address

When you want to define a non-default route, you use the Destination property. If you are defining a default route, this property is unavailable.

Using the Destination property, you can specify either a specific destination IP address, to match the destination IP address of a packet, or the network portion of a destination IP address of a packet.

For example, if you want the BIG-IP system to be able to forward packets destined for IP address 192.168.16.240, you could specify one of the following addresses:

  • 192.168.16.240
    In this case, the BIG-IP system forwards any packet with the exact destination IP address of 192.168.16.240 to the gateway that you define in that routing table entry.
  • 192.168.16.0
    In this case, the BIG-IP system forwards to the gateway any packets with a destination IP address that includes the network ID 192.168.16.
Note

For information on defining a gateway, see Specifying a netmask , following.

Specifying a netmask

You use the Netmask property when you want to define a non-default route. If you are defining a default route, this property is unavailable.

Using the Netmask property, you specify the netmask for the destination IP address that you defined with the Destination property. The purpose of the netmask is to indicate whether the IP address defined in the Destination property is a host address or a network address.

Specifying a resource

Any entry that you add to the TMM routing table includes either a next-hop router, a pool of routers, or a VLAN as the gateway, or resource, through which to send traffic. To specify a resource in a routing table entry, you use the Resource property. You can also instruct the BIG-IP system to reject packets for the specified destination IP address.

Figure 8.2 shows part of a sample bigip.conf file that results when you specify a pool of routers, a next-hop router, or a VLAN as a resource. The figure also shows an entry that results when you want the system to reject packets destined for a particular host or network.

Figure 8.2 Portion of a sample bigip.conf file
route default inet {
   vlan none
   gateway none
   pool router_pool                             # Resource is a pool of routers
   mtu 0
}
route 192.168.102.0 netmask 255.255.255.0 {
   vlan none
   gateway 192.168.104.101                      # Resource is a next-hop router
   pool none
   mtu 0
}
route 192.168.200.0 netmask 255.255.255.0 {
   vlan internal                                # Resource is a VLAN
   gateway none
   pool none
   mtu 0
}
route 192.168.240.0 netmask 255.255.255.0 {
   reject                                       # Packets dropped for destination network
   vlan none
   gateway none
   pool none
   mtu 0
}

 

Specifying a pool of routers

A common scenario when adding a route is to define the gateway as a pool of routers instead of a single next-hop router. For example, you can create a pool named router_pool, and specify the pool as the gateway for the default route. You can see this route in the first entry of Figure 8.2 .

Before you specify a pool of routers as a gateway in the routing table, however, you must create the pool, using the same Configuration utility screens that you use for creating a pool of load balancing servers.

For more information on creating a pool, see the Configuration Guide for Local Traffic Management. For background information on using a pool of routers as a gateway, see Understanding the TMM routing table .

To verify the existence of a pool of routers

On the Main tab of the navigation pane, expand Local Traffic, and click Pools. This displays the list of existing pools on the BIG-IP system. This list includes any load balancing pools and router pools that you have created.

Specifying a next-hop router

If you know that a server in a load balancing pool is on the same internal network as the BIG-IP system's next-hop router, you can add an entry that defines the server's IP address as the destination, and the next-hop router address as the gateway. For example, the second route entry in Figure 8.2 shows a destination network address of 192.168.102.0, and a next-hop router address of 192.168.104.101.

Specifying a VLAN

The gateway address in a routing entry can also be a VLAN name. You can select a VLAN name as a resource when the destination address you specify in the routing entry is a network address. Using a VLAN name as a resource implies that the specified network is directly connected to the BIG-IP system. In this case, the BIG-IP system can find the destination host simply by sending an ARP request to the hosts in the specified VLAN, thereby obtaining the destination host's MAC address. Then, the BIG-IP system simply checks the VLAN's layer 2 forwarding table to determine the correct interface through which to forward the packet.

To verify the existence of a VLAN

On the Main tab of the navigation pane, expand Network, and click VLANs. This displays the list of existing VLANs on the BIG-IP system.

Specifying packet rejection

Sometimes, you might want the BIG-IP system to drop any packets destined for the IP address specified as the destination in a routing entry. In this case, you simply select Reject as the value for the Resource setting when creating a route entry.

Modifying static entries in the routing table

For a static entry in the routing table, you can modify the resource that you specified when you added the entry. You cannot modify the entry type (Default Gateway or Route), the destination address, or the netmask.

Important

Before specifying a pool of routers as a gateway, verify that you have created the pool.

For information on verifying the existence of a pool, see To verify the existence of a pool of routers . Before specifying a VLAN as a gateway, verify that you have created the VLAN. For more information, see To verify the existence of a VLAN , on this page.

To modify the resource for an entry

  1. On the Main tab of the navigation pane, expand Network, and click Routes.
    This displays the list of static routes.
  2. In the Destination column, click an entry.
  3. For the Resource property, select a resource from the list.
    For detailed information on resources, see Specifying a resource .
  4. Click Update.

Deleting static entries from the routing table

Deleting entries from the routing table is necessary when the routers or destination hosts on your network change for any reason. For example, you might remove a specific host or router from the network, thereby invalidating a destination or gateway address in the routing table. You can easily delete static entries using the Configuration utility.

To delete a route

  1. On the Main tab of the navigation pane, expand Network and click Routes.
    A list of the static entries in the routing table appears.
  2. Click the Select box to the left of the entry you want to delete.
  3. Click Delete.
    A confirmation message appears.
  4. Click Delete.

Considering other routing issues

After you have configured the TMM routing table on the BIG-IP system, you might want to consider some other routing issues. For example, it is customary to ensure that the routers on the network have information about the various IP addresses for the BIG-IP system, such as virtual server addresses, self IP addresses for VLANs, and so on. Fortunately, the BIG-IP system eases this task by sending gratuitous Address Resolution Protocol (ARP) messages to other routers on the network, to notify them of BIG-IP system IP addresses. For more information on ARP and the BIG-IP system, see Chapter 9, Configuring Address Resolution Protocol .

You should also consider the following:

  • Dynamic routing, using ZebOS routing modules
  • The routes for the management interface
  • The default route on destination servers

Configuring dynamic routing

The beginning of this chapter explained that there are two types of entries in the BIG-IP system routing table: static entries and dynamic entries. The chapter then described how to add and delete static entries. If you want the system to add entries dynamically, you can use one of the ZebOS routing modules.

Routing traffic through the management interface

When configuring routes on a BIG-IP system, it is helpful to understand the differences between management routes and TMM routes. This is because there are certain administrative tasks, such as a system installation, that you should perform only when the TMM is not running. In those cases, the BIG-IP system uses the default management route for processing that traffic.

We recommend that you read the guide Installation, Licensing, and Upgrades for BIG-IP® Systems. for procedures on configuring the management interface. You should also read the section in Chapter 4, Configuring the BIG-IP Platform and General Properties , that describes the management interface. Chapter 18, Configuring BIG-IP System Services , suggests some of the administrative tasks that you should perform only when the TMM service is stopped.

Finally, make sure that you have defined a default TMM route in the main TMM routing table. Defining a default TMM route prevents high volumes of administrative traffic generated by the BIG-IP system from using the management interface. For more information, see Adding static entries to the TMM routing table .

Configuring the default route on destination servers

Part of managing routes on a network is making sure that destination servers on the network can route responses to the BIG-IP system. To do this, you should configure the default route on each load balancing server to forward responses to the BIG-IP system.

Configuring the default route on your destination servers is a typical network configuration task. A primary reason for configuring the default route on each server to forward responses to the BIG-IP system is to avoid interruption of service if you have a redundant system configuration and an active unit becomes unavailable. In this case, you want the default route entry on the servers in your load balancing pools to specify a floating self IP address that the two units of the redundant system share. By setting the default route of your destination servers to a floating self IP address, you ensure that if one unit becomes unavailable for any reason, the other unit can still process the responses.

To configure the default route on your destination servers, see the product documentation from your server vendor.

For more information on configuring a redundant system, see Chapter 13, Setting up a Redundant System .




Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)