Manual Chapter : BIG-IP Solutions Guide v4.5:Load Balancing ISPs

Applies To:

Show Versions Show Versions

BIG-IP versions 1.x - 4.x

  • 4.6.1, 4.6.0, 4.5 PTF-08, 4.5 PTF-07, 4.5 PTF-06, 4.5 PTF-05, 4.5 PTF-04, 4.5 PTF-03, 4.5 PTF-02, 4.5 PTF-01, 4.5.9, 4.5.0
Manual Chapter


8

Load Balancing ISPs


Using ISP load balancing

You may find that as your network grows, or network traffic increases, you need to add an additional connection to the internet. You can use this configuration to add an additional Internet connection to your existing network. Figure 8.1 shows a network configured with two Internet connections.

Figure 8.1 An example of an additional internet connection

This type of configuration requires you to configure network address translation (NAT) on your routers. If your routers cannot perform NAT, you can use the VLAN SNAT automap feature on the BIG-IP system.

Configuring ISP load balancing

When you set up ISP load balancing, you have several tasks to complete on the BIG-IP system:

  • Create two load balancing pools
    Define one pool that load balances the content servers. The other pool balances the inside addresses of the routers.
  • Configure virtual servers
    Configure virtual servers to load balance inbound connections across the servers, and one to load balance outbound connections across the routers.
  • Configure NATs or a SNAT automap
    Configure NATs or SNAT automap for outbound traffic so that replies will arrive though the same ISP the request went out on.
  • Enable service 80 and service 443
    Enable service 80 and service 443 on the BIG-IP system. This step is only required if you configure this solution from the command line. The web-based Configuration utility automatically opens the ports.

Defining the pools for an additional Internet connection

First, define one pool that load balances the content servers, and one pool to load balance the routers.

To create the pools using the Configuration utility
  1. In the navigation pane, click Pools.
    The Pools screen opens.
  2. Click the Add button.
    The Add Pool screen opens.
  3. For each pool, enter the pool name and member addresses in the Add Pool screen. (For additional information about configuring a pool, click the Help button.)

Configuration notes

For the example in Figure 8.1 :

Create the pool server_pool containing the members 10.1.1.1:80 10.1.1.2:80, and 10.1.1.3:80.

Create the pool router_insides containing the router inside addresses 192.168.100.1:0 and 192.168.200.1:0.

To create pools from the command line

Use the following command to define the pool server_pool for the nodes that handle the requests to virtual server 172.100.12.20:80:

b pool server_pool { \

member 10.1.1.1:80 \

member 10.1.1.2:80 \

member 10.1.1.3:80 }

Use the following command to create the pool router_insides:

b pool router_insides { \

member 192.168.100.1:0 \

member 192.168.200.1:0 }

Defining the virtual servers for an additional Internet connection

After you create the pools, you can configure the two virtual servers, one to load balance inbound connections across the servers and one to load balance outbound connections across the routers.

To define the virtual servers using the Configuration utility
  1. In the navigation pane, click Virtual Servers.
    The Virtual Servers Screen opens.
  2. Click the Add button.
    The Add Virtual Server screen opens.
  3. For each virtual server, enter the virtual server address and pool name. (For additional information about configuring a virtual server, click the Help button.)

Configuration notes

For the example in Figure 8.1 :

For the inbound connections, create the virtual server 172.100.12.20:80 and use pool server_pool.

For the outbound connections, create a wildcard virtual server 0.0.0.0:0 and use pool router_insides.

To define the virtual servers from the command line

To handle inbound traffic, create the virtual server for the pool server_pool with the following command:

b virtual 172.100.12.20:80 use pool server_pool

To handle outbound traffic, create a wildcard virtual server for the pool router_insides with the following command:

b virtual 0.0.0.0:0 use pool router_insides

Configuring network address translation on routers

You must now set up address translation for outbound traffic so that replies will arrive though the same ISP that the request went out on. Specifically, you must either configure your routers so that they perform network address translation (NAT), or you must configure SNAT automap.

For instructions on NAT configuration, refer to your router documentation.

To set up a SNAT automap, perform the following tasks:

  • Assign IP-specific self IP addresses to the BIG-IP system external VLAN, corresponding to the IP networks of the two routers.
  • Enable SNAT automap for each of the self addresses.
  • Enable SNAT automap for the internal VLAN.
To create self IP addresses and enable SNAT automap using the Configuration utility
  1. In the navigation pane, click Network
    The Network screen open.
  2. On the Network screen, click Add.
    The Add Self IP Address screen opens.
  3. In the Add Self IP Address screen, for each router, add a new self IP address that matches the network of the router, with the inside IP network address of the router and SNAT Automap enabled.
  4. On the Network screen, click the VLANs tab.
    The VLANs screen opens.
  5. Click the internal VLAN.
    The VLAN Internal screen opens.
  6. In the VLAN Internal screen, check the SNAT Automap box. For additional information about configuring a VLAN, click the Help button.
To create self IP addresses and enable SNAT automap from the command line

Create IP-specific self IP addresses on the external VLAN using these commands:

b self 192.168.100.10 vlan external snat automap enable

b self 192.168.200.10 vlan external snat automap enable

Use this command to enable snat automap on the internal VLAN:

b vlan internal snat automap enable

Enabling service 80 and service 443

This step is required only if you configure this solution from the command line. If you use the web-based Configuration utility for this solution, the services are automatically enabled. Use the following command to enable service 80 and service 443.

b service 80 443 tcp enable

Additional configuration options

Whenever you configure a BIG-IP system, you have a number of options:

  • You have the option in all configurations to configure a BIG-IP redundant system for fail-over. Refer to Chapter 13, Configuring a Redundant System , in the BIG-IP Reference Guide.
  • All configurations have health monitoring options. Refer to Chapter 11, Monitors , in the BIG-IP Reference Guide.
  • When you create a pool, there is an option to set up persistence and a choice of load balancing methods. Refer to Chapter 4, Pools , in the BIG-IP Reference Guide.