0

I am setting up a network with a CentOS client, a CentOS server and a BIG-IP.

The network looks like this:

(client) < -- > (BIG-IP) < -- > (server)

The client is on a 10.10.20.x network.
The server is on a 10.10.10.x network.
The BIG-IP is on a 10.10.10x AND 10.10.20x network.
  1. The client should be ONLY able to talk to the BIG-IP.
  2. The server should be ONLY able to talk to the BIG-IP.
  3. The BIG-IP should be able to talk to both (all traffic must go through the BIG-IP).

-

  1. Client can ping BIG-IP, and BIG-IP can ping client so that all works.
  2. Server can also ping BIG-IP, but BIG-IP can't ping the server back!

BIG-IP doesn't even know that the server exists.

For simplicity's sake, I am using the Linux distro that BIG-IP is built on, for testing and not using BIG-IP functionality yet. Just pretend the BIG-IP is another Linux server.

Any ideas?

tl;dr server A can ping server B, but server B can't ping server A.

TessellatingHeckler
  • 5,676
  • 3
  • 25
  • 44
Andrew
  • 101
  • `but BIG-IP can't ping the server back` Here is your problem, correct this. With poor infos you give about your network topology we cannot be more precise...`server A can ping server B, but server B can't ping server A` This is also a problem ! Describe your Network topolgy ! – krisFR Jul 22 '14 at 20:43
  • Agreed with @krisFR, but I'd be pretty safe assuming this is just a routing issue or a firewall one. – jski Jul 22 '14 at 20:46
  • Its all virtual. Everything is hosted within a VMWare VCloud VApp. All three are on an admin network: Gateway - 10.145.255.254, Mask - 255.255.192.0 External Network: Gateway - 10.10.20.254, Mask - 255.255.255.0 Internal Network: Gateway - 10.10.10.254, Mask - 255.255.255.0 – Andrew Jul 22 '14 at 20:52
  • This does not help...Try "traceroute" to debug... – krisFR Jul 22 '14 at 21:04
  • Your IP configuration is either very incomplete or doesn't make sense at all with the 10.145.255.254 address (which isn't in the same block as 10.10.10.x and 10.10.20.x) and the 255.255.192.0 netmask (which would cover both these two blocks). If the BigIP can't ping the server, check for IP misconfiguration, firewalling on the host, routing on both host and BigIP. But if you really want some help on this, please update the original question with some real information, like the IP addresses, BigIP config (type/version, self IPs, ARP, routes, SNAT/DNAT config), because it's all just guesses now. – Teun Vink Jul 22 '14 at 21:41

0 Answers0