F5 ip-forward virtual-server to a10 vs configuration
Hugo Gomez
Member ✭
Hi guys
I'm asking for your help to clarify the use of the ip-forward option on F5 devices for virtual-servers, for me looks simple, but I didn't use it before in our a10 devices
This is an example of the current configuration on F5 that I need to migrate:
}
ltm virtual DNS_Telefonica_171 {
description "Forwarding DNS 10.161.9.171"
destination 10.161.9.171:domain
ip-forward
ip-protocol udp
mask 255.255.255.255
profiles {
fastL4 { }
}
source 10.164.100.138/31
source-address-translation {
type automap
}
translate-address disabled
translate-port disabled
vs-index 3
}
ltm virtual LDAP_TMVE_171 {
description LDAP_TMVE_171
destination 10.161.9.171:any
ip-forward
mask 255.255.255.255
profiles {
fastL4 { }
}
source 10.164.100.138/31
source-address-translation {
type automap
}
translate-address disabled
translate-port disabled
vs-index 5
}
I was searching and it seems I need to use a policy template with a forwarding-policy set, but it is not clear to me.
If you can guide me, I really appreciate it.
Kind regards,
Answers
Hi @Hugo Gomez ,
F5 LTM IP Forward features basically disables destination address translation and just forward the traffic to a specific IP.
This is quite common to use this when using Direct Server Return (DSR) SLB Deployment.
To Achieve the save in ACOS, we provide an option you can configure at Virtual Port level which is "no-dst-nat", like in the following exemple:
ACOS(config)# slb virtual-server vip1 192.0.2.99
ACOS(config-slb vserver)# port 80 tcp
ACOS(config-slb vserver-vport)# service-group sg-web
ACOS(config-slb vserver-vport)# no-dest-nat
You will find more information in our documentation here:
Best Regards,