Manual Chapter : Creating a Cloud Interconnection with the BIG-IP System

Applies To:

Show Versions Show Versions

BIG-IP AAM

  • 14.1.5, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.5, 12.1.4, 12.1.3, 12.1.2, 12.1.1, 12.1.0

BIG-IP APM

  • 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.4, 12.1.3, 12.1.2, 12.1.1, 12.1.0

BIG-IP LTM

  • 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.4, 12.1.3, 12.1.2, 12.1.1, 12.1.0

BIG-IP AFM

  • 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.4, 12.1.3, 12.1.2, 12.1.1, 12.1.0

BIG-IP DNS

  • 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.4, 12.1.3, 12.1.2, 12.1.1, 12.1.0

BIG-IP ASM

  • 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.6, 12.1.5, 12.1.4, 12.1.3, 12.1.2, 12.1.1, 12.1.0
Manual Chapter

About Cloud Interconnections with the BIG-IP system

A Cloud Interconnection provides connectivity between your network and multiple public or managed private cloud providers. This gives you an alternative to public internet or multiple dedicated private connections to cloud providers.

Your public cloud resources may not be connected to the internet at all. You might access them solely through the cloud exchange, making the cloud a true extension of the data center. This creates a central point where public cloud, private cloud, and corporate networks intersect. This is where F5 services add value.

Equinix is an F5 partner that offers these services at very high speed and low latency.
Note: Equinix uses the term cloud exchange for their Cloud Interconnection service.

This document explains how to configure a BIG-IP® system in a Cloud Interconnection configuration with Microsoft Azure and Amazon Web Services.

When the deployment is complete, you can continue configuring the BIG-IP system, just as you would if the BIG-IP system were in your corporate data center.

Cloud Interconnection tasks

Complete the following tasks to set up a Cloud Interconnection. Each task is described in detail later in this document.
  1. Contact Equinix and tell them you have equipment you want to connect to their cloud exchange.
    Equinix will provide you with information (like public IP addresses) that you need to connect to the BIG-IP®system remotely.
  2. Log in to each BIG-IP system and configure remote access to it, so you can access it after it's in the colo facility. In this example, there are two BIG-IP systems: primary and secondary.
  3. Ship the BIG-IP systems to the colo facility.
    Equinix has a service that can rack, connect, and power on the BIG-IP system. You can proceed with the following tasks, even if they have not powered on the BIG-IP system yet.
  4. Create routes for private connectivity between the cloud provider and your facility. To do this, you use the Equinix portal along with:
    • AWS Direct Connect (https://aws.amazon.com/directconnect)
    • Azure Express Route (https://azure.microsoft.com/en-us/services/expressroute)
    • Google, Oracle, and/or other cloud providers’ direct connectivity solutions
  5. Configure the BIG-IP system to act as a router between your facility and the cloud exchange.
  6. Configure additional BIG-IP services (like SSO, WAF, or SSL intercept, for example).
This document uses the following example names and addresses:
BIG-IP system Virtual interface name VLAN ID Cloud router IP address BIG-IP self IP address
AWS primary aws_pri 3010 172.16.1.9 172.16.1.10
AWS secondary aws_sec 3010 172.16.1.13 172.16.1.14
Azure primary azure_pri 3011 172.16.1.1 172.16.1.2
Azure secondary azure_sec 3011 172.16.1.5 172.16.1.6

Configure remote access to the BIG-IP system

When the BIG-IP® system is in the colo facility, you might not be able to physically access it, so you need to configure remote access to it.
  1. Connect to the BIG-IP Configuration Utility.
  2. On the Main tab, click Network > Interfaces . Determine which of the UP interfaces you want to use for internet connectivity.

    In this example, 1.2 is used for internet connectivity and 2.1 is for the connection to the cloud servers.

  3. Now create a VLAN. On the Main tab, click Network > VLANs .
  4. Click Create.
    In this example, the internet VLAN is using interface 1.2.
  5. Now create a self IP address. On the Main tab, click Network > Self IPs .
  6. Click Create. Ensure that for VLAN/Tunnel you select internet, and for Port Lockdown, select Allow Default.
    Allow Default allows management connectivity via the data plane interface. (There is no cable connected to the management interface in this example.)

Now complete these steps on the secondary BIG-IP system.