A BIG-IP Administrator configured the following virtual server to pass traffic on all addresses and ports. After configuration is completed, the BIG-IP Administrator notices that the virtual server is unable to pass traffic.
ltm virtual forwarding_any_vs {
    destination 0.0.0.0:any
    ip-forward
    mask 255.255.255.255
    profiles {
        fastL4 {}
    }
    serverssl-use-sni disabled
    source 0.0.0.0/0
    translate-address disabled
    translate-port disabled
}
Which part of the configuration is the cause of the issue?
The failure of the Forwarding (IP) virtual server is caused by an incorrect Network Mask configuration for a wildcard destination.
Wildcard Destination: The administrator intends to create a 'Wildcard' Virtual Server that listens for any destination IP address (0.0.0.0).
The Mask Conflict: A mask of 255.255.255.255 (or /32) tells the BIG-IP to look for a specific, single host address. When combined with 0.0.0.0, the system is literally looking for traffic destined for the IP 0.0.0.0, which is not a valid routable destination for standard traffic.
Correct Configuration: To allow the virtual server to catch traffic for any IP address, the mask must be changed to 0.0.0.0 (or /0). This signifies that the system should ignore all bits of the destination address and match everything.
Forwarding Logic: The rest of the configuration, including ip-forward (Forwarding IP type), translate-address disabled, and translate-port disabled, is correct for a BIG-IP acting as a router/gateway.
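The mask conflict described above can be checked mechanically. The following is an added example, not part of the original question or any F5 tooling: it parses the stanza and models destination matching as an ordinary netmask comparison. The function names, the sample packet addresses and the simplified matching rule are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample: the stanza from the question (profiles block omitted).
SAMPLE = """\
ltm virtual forwarding_any_vs {
    destination 0.0.0.0:any
    ip-forward
    mask 255.255.255.255
    source 0.0.0.0/0
    translate-address disabled
    translate-port disabled
}
"""

def parse_virtual(stanza):
    """Return (name, destination address, mask) from one IPv4 ltm virtual stanza."""
    name = re.search(r"ltm virtual (\S+)", stanza).group(1)
    dest = re.search(r"^\s*destination\s+([\d.]+):", stanza, re.M).group(1)
    mask = re.search(r"^\s*mask\s+([\d.]+)", stanza, re.M)
    if mask is None:
        raise ValueError("stanza has no dotted-quad mask line")
    return name, dest, mask.group(1)

def matches(dest, mask, packet_dst):
    """Simplified model (assumption): compare listener and packet under the mask."""
    # Bits set in the mask must agree; bits cleared in the mask are ignored.
    m = int(ipaddress.IPv4Address(mask))
    return (int(ipaddress.IPv4Address(packet_dst)) & m) == (int(ipaddress.IPv4Address(dest)) & m)

def lint(stanza):
    """Flag a wildcard destination (0.0.0.0) paired with a non-zero mask."""
    name, dest, mask = parse_virtual(stanza)
    if dest == "0.0.0.0" and mask != "0.0.0.0":
        return [f"{name}: wildcard destination 0.0.0.0 with mask {mask} "
                f"does not match every address; set mask 0.0.0.0"]
    return []

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
    _, dest, mask = parse_virtual(SAMPLE)
    for dst in ("10.1.20.5", "192.0.2.10"):  # constructed packet destinations
        print(dst, "as configured:", matches(dest, mask, dst),
              "| with mask 0.0.0.0:", matches(dest, "0.0.0.0", dst))
```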