Manual Chapter : BIG-IP Administrator guide v4.0: Load Balancing ISPs

Applies To:

Show Versions Show Versions

BIG-IP versions 1.x - 4.x

  • 4.0 PTF-04, 4.0 PTF-03, 4.0 PTF-02, 4.0 PTF-01, 4.0.0
Manual Chapter


5

Load Balancing ISPs



Using ISP load balancing

You may find that as your network grows, or network traffic increases, you need to add an additional connection to the internet. You can use this configuration to add an additional Internet connection to your existing network. Figure 5.1 shows a network configured with two Internet connections.

Figure 5.1 An example of an additional internet connection

This type of configuration requires you to configure network address translation (NAT) on your routers. If your routers cannot perform NAT, you can use the VLAN SNAT automap feature on the BIG-IP Controller.

Configuring ISP load balancing

First, you must complete a series of tasks on the BIG-IP Controller in this order:

  • Create two load balancing pools
    Define one pool that load balances the content servers. The other pool balances the inside addresses of the routers.
  • Configure virtual servers
    Configure virtual servers to load balance inbound connections across the servers and one to load balance outbound connections across the routers.
  • Configure NATs or a SNAT automap
    Configure NATs or SNAT automap for outbound traffic so that replies will arrive though the same ISP the request went out on.
  • Enable service 80 and service 443
    Enable service 80 and service 443 on the controller. This step is only required if you configure this solution from the command line. The web-based Configuration utility automatically opens the ports.

Defining the pools for an additional Internet connection

First, define one pool that load balances the content servers and one pool for load balancing the routers.

To create pools using the Configuration utility

  1. In the navigation pane, click Pools.
    The Pools screen opens.
  2. Click the Add button.
    The Add Pool screen opens.
  3. In the Add Pool screen, configure the pool attributes. For additional information about this screen, click the Help button.

    Configuration notes
    For this example, create two pools, server_pool and router_insides.

    · server_pool contains the members <server1> and <server2>

    · router_insides contains the router inside addresses <router1> and <router2>

To create pools from the command line

Use the following command to define the pool server_pool for the nodes that handle the requests to virtual server 205.100.19.22:80:

b pool server_pool { member <server1>:80 member <server2>:80 member <server3>:80 }

Replace <server1>, <server2>, and <server3> with the IP address of the respective server.

Use the following command to create the pool router_insides:

b pool router_insides { member <router1>:0 member <router2>:0 }

Replace <router1> and <router2> with the internal IP address of the respective routers.

Defining the virtual servers for an additional Internet connection

After you create the pools, you can configure the virtual servers. Configure a virtual server to load balance inbound connections across the servers, and a virtual server to load balance outbound connections across the routers.

To define the virtual servers using the Configuration utility

  1. In the navigation pane, click Virtual Servers.
    The Virtual Servers Screen opens.
  2. Click the Add button.
    The Add Virtual Server screen opens.
  3. Fill in the attributes for the virtual server. For additional information about this screen, click the Help button.

    Configuration note

    · For the inbound connections, create the virtual server 205.100.19.22:80 and use pool server_pool.

    · For the outbound connections, create a wildcard virtual server 0.0.0.0:0 and use pool router_insides.

To define the virtual servers from the command line

To handle inbound traffic, create the virtual server for the pool server_pool with the following command:

b virtual 205.100.92.22:80 use pool server_pool

To handle outbound traffic, create a wildcard virtual server for the pool router_insides with the following command:

bipipe virtual 0.0.0.0:0 use pool router_insides

Configuring network address translation on routers

You must now set up address translation for outbound traffic so that replies will arrive though the same ISP that the request went out on. Specifically, you must either configure your routers so that they perform network address translation (NAT), or you must configure SNAT automap.

For instructions on NAT configuration, refer to your router documentation.

To set up a SNAT automap, perform the following tasks:

  • Assign IP-specific self addresses to the BIG-IP Controller external VLAN, corresponding to the IP networks of the two routers.
  • Enable SNAT automap for each of the self addresses.
  • Enable SNAT automap for the internal VLAN.

To create self addresses and enable SNAT automap using the Configuration utility

  1. In the navigation pane, click Network.
    The Network tabs appear.
  2. Click the Self IP Addresses tab.
    The Self IP Addresses screen opens.
  3. Click the Add button.
    The Add Self IP Address screen opens.
  4. In the Add Self IP Address screen, for each router, add a new self IP address that matches the network of the router, with the inside IP network address of the router and SNAT Automap enabled.
  5. On the Network screen, click the VLANs tab.
    The VLANs screen opens.
  6. On the VLANs screen, click the internal VLAN.
    The VLAN Internal screen opens.
  7. In the VLAN Internal screen, enable SNAT Automap.
    For additional information about configuring a VLAN, click the Help button.

    To create self addresses and enable SNAT automap from the command line

    Create IP-specific self addresses on the external VLAN:

    b self <ip_addr1> vlan <ext_vlan> snat automap enable

    b self <ip_addr2> vlan <ext_vlan> snat automap enable

    Enable snat automap on the internal VLAN:

    b vlan <int_vlan> snat automap enable

    For this example you might create the following addresses:

    b self 11.11.11.5 vlan external snat automap enable

    b self 11.11.12.5 vlan external snat automap enable

    b vlan internal snat automap enable

Enabling service 80 and service 443

This step is only required if you configure this solution from the command line. If you use the web-based Configuration utility for this solution, the services are automatically enabled. Use the following command to enable service 80 and service 443.

b service 80 443 tcp enable

Additional configuration options

Whenever a BIG-IP Controller is configured, you have a number of options available to you:

  • You have the option in all configurations to configure a redundant BIG-IP Controller for fail-over. Refer to Redundant Systems in the BIG-IP Reference Guide, Chapter 1, Configuring the BIG-IP Controller.
  • All configurations have health monitoring options. Refer to Health Monitors in the BIG-IP Reference Guide, Chapter 1, Configuring the BIG-IP Controller.
  • When you create a pool, there is an option to set up persistence and a choice of load balancing methods. Refer to Pools in the BIG-IP Reference Guide, Chapter 1, Configuring the BIG-IP Controller.