Here’s an explanation of how to set up IPv4 – IPv6 translator on BIG-IP LTM.
Clients access to the IPv4 VIP with IPv4 and LTM accesses to the IPv6 servers with LTM’s self IP (IPv6)
Client : 10.0.0.10
|
vSwitch
|
| VIP : 10.0.0.120
|serlf IP: 10.0.0.1
LTM ----------------------------
|self IP: 1.2 : 2000:aaaa:0:a:0:0:0:1
|
vSwitch
|
Apache Server1 , Apache Server2
|
Server1 : 2000:aaaa:0:a:0:0:0:2
Server2 : 2000:aaaa:0:a:0:0:0:3
Create a virtual server for Ipv4 – IPv6 translation
Local Traffic -> Virtual Servers -> Create
Specify an IPv4 as VIP
Specify IPv6 pool
Access to the IPv4 VIP from IPv4 client
a capture data between client and LTM ( IPv4 )
# tshark -r zzz.pcap | head -5
Running as user "root" and group "root". This could be dangerous.
1 0.000000 10.0.0.10 -> 10.0.0.120 TCP 57658 > http [SYN] Seq=0 Win=14600 Len=0 MSS=1460 TSV=123145 TSER=0 WS=6
2 0.001120 10.0.0.120 -> 10.0.0.10 TCP http > 57658 [SYN, ACK] Seq=0 Ack=1 Win=4380 Len=0 MSS=1460 TSV=4137570965 TSER=123145
3 0.001140 10.0.0.10 -> 10.0.0.120 TCP 57658 > http [ACK] Seq=1 Ack=1 Win=14600 Len=0 TSV=123146 TSER=4137570965
4 0.001210 10.0.0.10 -> 10.0.0.120 HTTP GET / HTTP/1.1
|
a cap data between LTM and server
34 2.600178 2000:aaaa:0:a::1 -> 2000:aaaa:0:a::3 HTTP GET /zzz HTTP/1.1
35 2.600198 2000:aaaa:0:a::3 -> 2000:aaaa:0:a::1 TCP http > 57669 [ACK] Seq=1 Ack=498 W
in=6432 Len=0 TSV=260594613 TSER=4137747486
36 2.600586 2000:aaaa:0:a::3 -> 2000:aaaa:0:a::1 HTTP HTTP/1.1 404 Not Found (text/htm
l)
37 2.600651 2000:aaaa:0:a::3 -> 2000:aaaa:0:a::1 TCP http > 57669 [FIN, ACK] Seq=478 Ac
k=498 Win=6432 Len=0 TSV=260594614 TSER=4137747486
|
session persistence method is cookie insert mode.
Let’s check whether LTM insert cookie into HTTP headers or not
# tshark -r zzz.pcap -V | grep -i cookie | head -3
Cookie: lbcookie=vi2000aaaa0000000a0000000000000003.20480\r\n
Cookie: lbcookie=vi2000aaaa0000000a0000000000000003.20480\r\n
Cookie: lbcookie=vi2000aaaa0000000a0000000000000003.20480\r\n
|
LTM inserted cookie into HTTP header.
Insert Clients original IP into HTTP header
When the LTM accesses to IPv6 servers , LTM use its self IP ( IPv6 ) not clients IP ( IPv4 ).
So Apache can’t determine whether clients come from.
So inserting original client IP into HTTP header is very useful when you face problems or something.
Local Traffic -> Profiles -> Services -> HTTP -
create the profile ( http_client_IP )
check “Custom” button
enable “Insert X-Forward-For”
Local Traffic -> Virtual Servers -> Virtual Server List -> http-v4-v6
Choose “http_client_IP” as HTTP Profile and then click “Update”
cap data
Source: 2000:aaaa:0:a::1 (2000:aaaa:0:a::1) <- LTM self IP
Destination: 2000:aaaa:0:a::3 (2000:aaaa:0:a::3) <- the server’s IP
Hypertext Transfer Protocol
GET /zzz HTTP/1.1\r\n
[Expert Info (Chat/Sequence): GET /zzz HTTP/1.1\r\n]
[Message: GET /zzz HTTP/1.1\r\n]
[Severity level: Chat]
[Group: Sequence]
Request Method: GET
Request URI: /zzz
Request Version: HTTP/1.1
Host: 10.0.0.120\r\n
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.24) Gecko/20111108 Red Ha
t/3.6.24-3.el6_1 Firefox/3.6.24\r\n
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n
Accept-Language: en-us,en;q=0.5\r\n
Accept-Encoding: gzip,deflate\r\n
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n
Keep-Alive: 115\r\n
Connection: keep-alive\r\n
Cookie: lbcookie=vi2000aaaa0000000a0000000000000003.20480\r\n
Cache-Control: max-age=0\r\n
X-Forwarded-For: 10.0.0.10\r\n <- Client real IP
\r\n
|
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.