Manual Chapter : Configuring a One-IP Network Topology

Applies To:

Show Versions Show Versions

BIG-IP LTM

  • 11.6.5, 11.6.4, 11.6.3, 11.6.2, 11.6.1
Manual Chapter

Configuring a One-IP Network Topology

Overview: Configuring a one-IP network topology

One configuration option you can use with the BIG-IP® system is a one-IP network topology. This differs from the typical two-network configuration in two ways:

  • Because there is only one physical network, this configuration does not require more than one interface on the BIG-IP system.
  • Clients need to be assigned SNATs to allow them to make connections to servers on the network in a load balancing pool.

Part of this configuration requires you to configure the BIG-IP system to handle connections originating from the client. You must define a SNAT in order to change the source address on the packet to the SNAT external address, which is located on the BIG-IP system. Otherwise, if the source address of the returning packet is the IP address of the content server, the client does not recognize the packet because the client sent its packets to the IP address of the virtual server, not the content server.

If you do not define a SNAT, the server returns the packets directly to the client without giving the BIG-IP system the opportunity to translate the source address from the server address back to the virtual server. If this happens, the client might reject the packet as unrecognizable.

The single interface configuration is shown in the following illustration.

Illustration of a one-IP network topology for the BIG-IP system

one-IP network topology for the BIG-IP system

One-IP network topology for the BIG-IP system

Task summary for a one-IP network topology for the BIG-IP system

You can perform these tasks to configure a one-IP network topology.

Task list

Creating a pool for processing HTTP connections with SNATs enabled

Verify that all content servers for the pool are in the network of VLAN external.
For a basic configuration, you need to create a pool to manage HTTP connections. This pool enables SNATs for any connections destined for a member of the pool.
  1. On the Main tab, click Local Traffic > Pools .
    The Pool List screen opens.
  2. Click Create.
    The New Pool screen opens.
  3. In the Name field, type a unique name for the pool.
  4. For the Health Monitors setting, from the Available list, select the http monitor and move the monitor to the Active list.
  5. For the Allow SNAT setting, verify that the value is Yes.
  6. In the Resources area of the screen, use the default values for the Load Balancing Method and Priority Group Activation settings.
  7. Using the New Members setting, add each resource that you want to include in the pool:
    1. Type an IP address in the Address field.
    2. Type 80 in the Service Port field, or select HTTP from the list.
    3. (Optional) Type a priority number in the Priority field.
    4. Click Add.
  8. Click Finished.
The new pool appears in the Pools list.

Creating a virtual server for HTTP traffic

This task creates a destination IP address for application traffic. As part of this task, you must assign the relevant pool to the virtual server.
  1. On the Main tab, click Local Traffic > Virtual Servers .
    The Virtual Server List screen opens.
  2. Click the Create button.
    The New Virtual Server screen opens.
  3. In the Name field, type a unique name for the virtual server.
  4. In the Destination Address field, type the IP address in CIDR format.
    The supported format is address/prefix, where the prefix length is in bits. For example, an IPv4 address/prefix is 10.0.0.1 or 10.0.0.0/24, and an IPv6 address/prefix is ffe1::0020/64 or 2001:ed8:77b5:2:10:10:100:42/64. When you use an IPv4 address without specifying a prefix, the BIG-IP® system automatically uses a /32 prefix.
    Note: The IP address you type must be available and not in the loopback network.
  5. In the Service Port field, type 80, or select HTTP from the list.
  6. From the HTTP Profile list, select http.
  7. In the Resources area of the screen, from the Default Pool list, select the relevant pool name.
  8. Click Finished.
You now have a virtual server to use as a destination address for application traffic.

Defining a default route

Another task that you must perform to implement one-IP network load balancing is to define a default route for the VLAN external.
  1. On the Main tab, click Network > Routes .
  2. Click Add.
    The New Route screen opens.
  3. In the Name field, type Default Gateway Route.
  4. In the Description field, type a description for this route entry.
    This setting is optional.
  5. In the Destination field, type the IP address 0.0.0.0.
    An IP address of 0.0.0.0 in this field indicates that the destination is a default route.
  6. In the Netmask field, type 0.0.0.0, the network mask for the default route.
  7. From the Resource list, select Use VLAN/Tunnel.
    A VLAN represents the VLAN through which the packets flow to reach the specified destination.
  8. From the VLAN/Tunnel list, select external.
  9. Click Finished.
After you perform this task, the default route for VLAN external is defined.

Configuring a client SNAT

To configure the BIG-IP® system to handle connections originating from the client, you can define a SNAT to change the source address on the packet to the SNAT external address located on the BIG-IP system.
  1. On the Main tab, click Local Traffic > Address Translation .
    The SNAT List screen displays a list of existing SNATs.
  2. Click Create.
  3. Name the new SNAT.
  4. In the Translation field, type the IP address that you want to use as a translation IP address.
  5. From the Origin list, select Address List.
  6. For each client to which you want to assign a translation address, do the following:
    1. In the Address field., type a client IP address.
    2. Click Add.
  7. From the VLAN/Tunnel Traffic list, select Enabled on.
  8. For the VLAN List setting, in the Available field, select external, and using the Move button, move the VLAN name to the Selected field.
  9. Click the Finished button.
The BIG-IP system is configured to handle connections originating from the client