Manual Chapter :
Deploying Route Domains within a vCMP Guest
Applies To:
Show VersionsBIG-IP AAM
- 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
BIG-IP APM
- 17.1.1, 17.1.0, 17.0.0, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
BIG-IP LTM
- 17.1.1, 17.1.0, 17.0.0, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
BIG-IP AFM
- 17.1.1, 17.1.0, 17.0.0, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
BIG-IP DNS
- 17.1.1, 17.1.0, 17.0.0, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
BIG-IP ASM
- 17.1.1, 17.1.0, 17.0.0, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
Deploying Route Domains within a vCMP Guest
Overview: Deploying Route Domains within a vCMP Guest
With a vCMP® system, you typically create guests as a way to segment
different types of application traffic. An alternative way to segment application traffic is to
configure a feature known as route domains, within a single guest.
A
route domain
is a configuration object that isolates network traffic for a
particular application on the network. Using route domains, you can assign the same IP address or
subnet to multiple nodes on a network, provided that each instance of the IP address resides in a
separate route domain.The configuration described here manages traffic for three separate customers, where each
customer has its own route domain to process and ensure isolation for a different type of
application traffic. By using route domains within a guest, you can minimize the total number of
guests you must create to manage customer traffic.
This illustration shows a redundant system configuration in which a single guest uses route
domains for three separate customers.
Each route domain contains all of the network objects necessary for processing a specific type of
traffic and ensuring failover to the other guest in the event that the system becomes
unavailable. These network objects consist of floating self IP addresses associated with
host-based VLANs, floating virtual IP addresses, and pool members defined on the guest. The
floating addresses are further associated with an active traffic group on one instance of the
guest and a standby traffic group on the other instance of the guest.
Prerequisite configuration tasks
Before you begin deploying route domains within a vCMP guest, ensure that you have configured
the following on each chassis:
- The initial setup of the BIG-IP® base network on the VIPRION® chassis, prior to provisioning the system for vCMP®. This setup typically includes VLANs for the external and internal networks, as well as an additional internal VLAN for failover communications between device group members.
- The initial setup of the vCMP host. This includes provisioning the system for vCMP and creating guests, with the host VLANs published to the guest.
- Non-floating self IP addresses on the guest. These addresses are associated with the host-based external, internal, and high availability VLANs.
- A Sync-Failover device group consisting of two guests as its members (one guest per chassis). The guests on the two chassis should be identical with respect to memory, CPU, and slot allocation.
About VLAN and BIG-IP address configuration
When you initially configured the BIG-IP® base network on the VIPRION® system, you created three VLANs: two for the internal and external
networks, and one for high availability communications, and you created their associated
non-floating self IP addresses. Now you are ready to create additional VLANs and self IP
addresses for processing each customer's application traffic. On a system provisioned for vCMP®, all VLANs reside on the vCMP host, while all self IP addresses (floating
and non-floating) reside on the guest.
Illustration of VLAN and BIG-IP address configuration
This illustration shows the relationship of the VLANs on the host to the IP addresses within each
route domain on the guest. Note that in our example, all three customers use the same self IP
and virtual IP addresses but with unique route domain IDs. Also note that except for the
non-floating self IP addresses in partition
Common
, the entire
configuration is duplicated on the peer guest (not shown).In this illustration:
- Blue text
- Objects created by host administrator.
- Black text
- Objects created by guest administrator.
- Brown text
- Objects created by customer administrator.
Tasks for the host administrator
To set up a route domain configuration, the vCMP® host administrator needs
to create VLANs for use by each customer.
On the host, for our sample configuration with three customers, you create a separate set of
uniquely-tagged internal and external VLANs for each customer. You will therefore create at least
six VLANs on the host (two per customer) that, when combined with the three existing VLANs, bring
the total number of VLANs on the host to nine. At this point, all VLANs reside in partition
Common
. Then you assign all nine host-based VLANs to the guest. This
allows the guest to use those VLANs to process customer traffic.To summarize, the objects that a host administrator creates are:
- VLANs created during base VIPRION® configuration
- Customer-specific VLANs for use by guest route domains
Creating customer VLANs on the vCMP host
You create additional VLANs on the vCMP host that you then
assign to the guest. Then, when logged in to the guest, you can selectively
distribute the VLANs to different route domains within the guest. Each route domain
corresponds to a different customer.
You must create this same set of VLANs on the host of each vCMP system
in the configuration.
Ensure that the tags for all VLANs that you create are
unique.
- On the Main tab, click.The VLAN List screen opens.
- ClickCreate.The New VLAN screen opens.
- In theNamefield, type the name of the first VLAN.
- In theTagfield, type a numeric tag, between 1-4094, for the VLAN, or leave the field blank if you want the BIG-IP system to automatically assign a VLAN tag.The VLAN tag identifies the application traffic for the associated VLAN.Each VLAN tag that you specify in this field must be unique on the vCMP system.
- If you want to use Q-in-Q (double) tagging, use theCustomer Tagsetting to perform the following two steps. If you do not see theCustomer Tagsetting, your hardware platform does not support Q-in-Q tagging and you can skip this step.
- From theCustomer Taglist, selectSpecify.
- Type a numeric tag, from 1-4094, for the VLAN.
The customer tag specifies the inner tag of any frame passing through the VLAN. - For theInterfacessetting:
- From theInterfacelist, select an interface number.
- From theTagginglist, selectTaggedorUntagged.SelectTaggedwhen you want traffic for that interface to be tagged with a VLAN ID.
- If you specified a numeric value for theCustomer Tagsetting and from theTagginglist you selectedTagged, then from theTag Modelist, select a value.
- ClickAdd.
- ClickRepeatand repeat these steps to create additional VLANs.
After you complete this task on the vCMP host, VLAN objects exist on the system that
you can assign to the guest.
Assigning VLANs to
the vCMP guest
Before you perform this task, verify that you have created a vCMP guest on the system.
The guest should have an external, an internal, and a high availability VLAN assigned to
the guest. Also verify that the guest is in the Configured or Provisioned
state.
You assign host-based VLANs to a guest so that the guest can use
those VLANs to process customer traffic. For the sample configuration, you assign
all six customer-specific VLANs to the guest.
You must be logged in to the vCMP host to perform this
task.
- On the Main tab, click.This displays a list of guests on the system.
- In the Name column, click the name of the guest that you want to modify.This displays the configured properties of the guest.
- For theVLAN Listsetting, select all customer-specific VLANs from theAvailablelist, and use the Move button to move the VLAN names to theSelectedlist.
- ClickUpdate.
After you perform this task, the guest can use the selected VLANs to process customer
traffic.
Tasks for the guest administrator
You perform the remainder of the configuration on the vCMP® guest. First,
you create an administrative partition for each customer. Then from within each customer's
partition, you move the relevant customer-specific VLANs from
Common
to
that partition.Once each customer's VLANs have been moved to the relevant partition, you can create a route
domain and a traffic group for each customer.
To summarize, the objects that a guest-wide administrator creates are:
- Administrative partitions
- Instances of host-based customer VLANs
- Route domains
- Traffic groups for failover
Creating an administrative partition for each customer
You perform this task to create administrative partitions within a vCMP guest. An
administrative partition
creates an access
control boundary for users and applications. Using this task, you create a separate
administrative partition for each customer associated with the guest. Each
administrative partition will contain a route domain that contains the Layer 3
objects associated with the relevant customer.Before performing this task, log in to the guest using the guest IP
address.
- On the Main tab, expandSystemand clickUsers.The Users List screen opens.
- On the menu bar, clickPartition List.
- ClickCreate.The New Partition screen opens.
- In thePartition Namefield, type a unique name for the partition.An example of a partition name isCustomerA_partition.
- Type a description of the partition in theDescriptionfield.This field is optional.
- For theDevice Groupsetting, ensure that the Sync-Failover device group containing this vCMP guest is selected.
- For theTraffic Groupsetting, retain the default value, which is the floating traffic grouptraffic-group-1.You will change this value later in the route domain implementation process.
- ClickFinished.
- Repeat these steps to create additional administrative partitions.
After you perform this task, the new partitions appear in the list of partitions on
the guest, as well as in the
Partition
list in the upper right
corner of every BIG-IP Configuration utility screen.About moving
host-based VLANs to a customer partition
As guest administrator, you must switch to a specific customer
administrative partition and move a customer-related VLAN from
Common
to that partition. You effectively move
each VLAN by deleting the VLAN from Common
and re-creating the VLAN in the relevant customer's partition.For example, if you create route domain
1
in partition A
for Customer A's
traffic, you will then move VLANs
ext_custA
and int_custA
from Common
to partition A
. This associates the VLAN with the new
partition instead of partition Common
,
without changing the host's control of the VLAN's underlying Layer 2 (and lower) network
resources.Although
you are logged in to the guest and you move the VLANs from
Common
to the relevant partition, the VLANs
continue to reside on the host.Deleting VLANs in partition Common from within the guest
Before you perform this task, ensure that, on the vCMP host, you
have created all customer-relevant VLANs for this implementation and assigned all of
them to the vCMP guest. Also, ensure that you are logged in to the guest, using
the guest IP address.
You use this task to delete a VLAN in partition
Common
on a guest
so that you can re-create the VLAN in a customer partition.You must be logged in to the guest to perform this task.
- On the Main tab, click.The VLAN List screen opens.
- In the upper-right corner of any the BIG-IP Configuration utility screen, locate thePartitionlist and ensure that partitionCommonis selected.
- In the Name column, locate the relevant VLAN name.
- In the Tag column, note the numeric ID.You will specify this ID when you re-create this VLAN in a customer partition.An example of a VLAN ID in the Tag column is4094.
- If the VLAN has a customer tag (optional), then in the Customer Tag column, note the numeric ID.You will specify this ID when you re-create this VLAN in a customer partition.
- To the left of the VLAN name, select the check box and clickDelete.The system prompts you to confirm the delete action.
- ClickDelete.
After you perform this task, the VLAN in partition
Common
on the guest is deleted.Re-creating VLANs in each administrative partition
Before you perform this task, ensure that you are logged in to the guest, using
the guest IP address.
You perform this task to re-create a VLAN in a specific customer partition. You
re-create a VLAN in a customer partition when you want to set up a route domain
configuration within the guest. The VLAN you are re-creating is one that you
previously created on the host in partition
Common
and then
deleted from partition Common
when you later logged in to the guest. Each route
domain that you create in a partition requires you to assign one or more VLANs to
that route domain, and those VLANs must reside in the same partition as the route
domain.- On the Main tab, click.The VLAN List screen opens.
- In the upper-right corner of any the BIG-IP Configuration utility screen, locate thePartitionlist and select the customer-specific administrative partition.If the partition selections are unavailable, you do not have a user role that allows you to change the current partition.An example of a selected partition isCustomerA_partition.Whenever you select a partition name from the list, the current administrative partition changes to the selected partition.
- ClickCreate.The New VLAN screen opens.
- Type a name for the VLAN.You can specify the same name as the VLAN that you deleted from partitionCommonor you can type a unique name.
- For theTagfield and the optionalCustomer Tagfield, type the same ID that was previously assigned to the VLAN that you deleted from partitionCommon.For example, if VLANexternal_cust_Aon the host in partitionCommonhas a VLAN tag of4094, then the VLAN that you re-create within the guest in partitionCustomerA_partitionmust also have the tag4094.
- Retain the values for all other settings as configured.
- ClickFinished.This prompts you with the question:The VLAN has no interface, do you want to continue?
- ClickOK.
After you perform this task, the VLAN is associated with the customer's
administrative partition.
Creating a route domain for each administrative partition
With this task, you can create a route domain and associate it with the
administrative partition pertaining to a particular customer.
Before performing this task, ensure that you are logged in to the guest, using the
guest IP address.
- On the Main tab, click.The Route Domain List screen opens.
- In the upper-right corner of any the BIG-IP Configuration utility screen, locate thePartitionlist and select the customer-specific administrative partition.If the partition selections are unavailable, you do not have a user role that allows you to change the current partition.An example of a selected partition isCustomerA_partition.Whenever you select a partition name from the list, the current administrative partition changes to the selected partition.
- ClickCreate.The New Route Domain screen opens.
- In theIDfield, type an ID number for the route domain.This ID must be unique on the BIG-IP system; that is, no other route domain on the system can have this ID.An example of a route domain ID is1.
- In theDescriptionfield, type a description of the route domain.For example:This route domain applies to application traffic for Customer A.
- For theStrict Isolationsetting, select theEnabledcheck box to restrict traffic in this route domain from crossing into another route domain.
- For theParent Namesetting, retain the default value.
- For theVLANssetting, from theAvailablelist, select a VLAN name and move it to theMemberslist.The VLANs you select should be those pertaining to the customer for which you are creating this route domain.For example, you can select VLANsext_custAandint_custA.
- For theDynamic Routing Protocolssetting, from theAvailablelist, select one or more protocol names and move them to theEnabledlist.You can enable any number of listed protocols for this route domain.
- From theBandwidth Controllerlist, select a static bandwidth control policy to enforce a throughput limit on traffic for this route domain.
- From thePartition Default Route Domainlist, selectMake this route domain the Partition Default Route Domain.This value designates this route domain to be the default route domain for the current administrative partition.ThePartition Default Route Domainsetting appears only when the current partition is set to a partition other thanCommon.After choosing this value, you are not required to append the route domain ID to any self IP or virtual IP address that you create later for this route domain. Instead, the BIG-IP system automatically associates an IP address with the default route domain in the partition, as long as you set this partition to be the current partition when you create the address.
- ClickFinished.The system displays a list of route domains on the BIG-IP system, including the new route domain.
- Repeat the process of creating a route domain for another customer for which you want to segment traffic, associating the relevant VLANs in the process.
After you perform this task repeatedly, you should have three separate route domains with unique route domain IDs, and each route domain should be associated with unique internal and external VLANs that pertain to a specific customer. Also, each route domain should be designated as the default route domain for its associated administrative partition.
Creating an empty traffic group for each customer
Before you perform this task, confirm that the current partition is set to
Common
.Perform this task when you want to create a separate floating traffic group for each customer's traffic. You should perform this task on the guest on which you want the traffic groups to be active.
This procedure creates a traffic group but does not automatically
associate the traffic group with failover objects such as self IP and virtual IP
addresses. You associate a traffic group with specific failover objects when you
create or modify each object.
All traffic groups on the system must reside in partition
Common
.- On the Main tab, click.
- On the Traffic Groups screen, clickCreate.
- In theNamefield, type a name for the traffic group.For example, you can name the traffic grouptg-customerA.
- In theDescriptionfield, type a description for the new traffic group.For example, you can typeThis traffic group manages failover for Customer B traffic.
- In theMAC Masquerade Addressfield, type a MAC masquerade address.When you specify a MAC masquerade address, you reduce the risk of dropped connections when failover occurs. This setting is optional.
- From theFailover Methodlist, selectHA Order.
- For theFailover Ordersetting, in theAvailablebox, select the peer guest name, and using the Move button, move the name to theEnabledbox.This setting is optional. Only devices that are members of the relevant Sync-Failover device group are available for inclusion in the ordered list.
- ClickFinished.
- Repeat these steps to create a traffic group for each additional customer.
You now have floating traffic groups with no members.
After you perform this task, you can associate each customer's traffic group with the relevant failover objects (self IP addresses, virtual servers, and so on).
Assigning a traffic
group to each administrative partition
Before you perform this task, verify that you have created a unique administration
partition for each customer.
You assign an individual traffic group to each customer partition
to ensure that when failover occurs, the floating IP addresses defined in the named
traffic group fail over to the peer guest and remain associated with the correct
administrative partition.
- On the Main tab, expandSystemand clickUsers.The Users List screen opens.
- On the menu bar, clickPartition List.
- In the upper-right corner of any the BIG-IP Configuration utility screen, locate thePartitionlist and ensure that partitionCommonis selected.
- In the Name column, click a customer partition name.
- For theTraffic Groupsetting, clear the check box labeledInherit traffic group from root folderand from the list, select the name of a traffic group.
- ClickUpdate.
- Repeat these steps to assign a traffic group to each of the other customer partitions.
After performing this task, each customer's floating IP addresses will remain
associated with the correct administrative partition when failover occurs.
Tasks for each customer administrator
After the vCMP® host and guest administrators have set up the VLANs,
partitions, route domains, and traffic groups, the customer administrator logging into the
guest creates the necessary IP addresses for the application: internal and external floating
self IP addresses, server pool member addresses, and a destination virtual server address. The
customer administrator also modifies the floating virtual IP address (associated with the
virtual server) to assign the relevant traffic group.
Creating floating self IP addresses
As a customer administrator, you create two floating self IP addresses for each customer route
domain, one address for the internal network and one address for the external
network.
For example, for customer
A
's internal and external networks,
you create two self IP addresses to which you assign VLANs
int_custA
and ext_custA
respectively, which have both been previously assigned to route domain
1
. Similarly, for customer B
, you
create self IP addresses and assign VLANs int_custB
and
ext_custB
respectively, which have both been previously
assigned to route domain 2
, and so on.You also add the self IP addresses as members of a customer-related floating traffic
group. This causes the self IP addresses to become floating addresses.
Before performing this task, ensure that you are logged in to the
guest, using the guest IP address.
- On the Main tab, click.
- In the upper-right corner of any the BIG-IP Configuration utility screen, locate thePartitionlist and select the customer-specific administrative partition.If the partition selections are unavailable, you do not have a user role that allows you to change the current partition.An example of a selected partition isCustomerA_partition.Whenever you select a partition name from the list, the current administrative partition changes to the selected partition.
- ClickCreate.The New Self IP screen opens.
- In theIP Addressfield, type an IP address.This IP address should represent the address space of a specific VLAN. Because the route domain for the VLAN that you will associate with this self IP address is the default route domain for the current administrative partition, you are not required to append the relevant route domain ID to this IP address.The system accepts IP addresses in both the IPv4 and IPv6 formats.
- In theNetmaskfield, type the full network mask for the specified IP address.
- From theVLAN/Tunnellist, select the VLANs that you want to associate with this self IP address.The VLANs you select are those that you moved from partitionCommonto the current administrative partition.
- From thePort Lockdownlist, select a value.
- From theTraffic Grouplist, select the floating traffic group for which you want this self IP address to be a member.Selecting a floating traffic group automatically causes the self IP address to be a floating address.For example, you can select a traffic group namedtg-CustomerA.
- ClickFinished.The screen refreshes, and displays the new self IP address.
- Repeat this task for each floating self IP address that you need to create.
After performing this task repeatedly, each floating traffic group on the guest
should contain self IP addresses that are associated with the internal and external
VLANs for each customer.
Create a pool
Before you can assign an MQTT health monitor to a pool, you need to create the MQTT
monitor.
You can create a pool of servers that you can
group together to receive and process traffic. After the pool is created, you can
associate the pool with a virtual server.
- On the Main tab, click.The Pool List screen opens.
- ClickCreate.The New Pool screen opens.
- In theNamefield, type a unique name for the pool.
- For theHealth Monitorssetting, select an MQTT health monitor from theAvailablefield, and move it to theActivefield.
- For each pool member, in theNew Memberssetting, select one of the options, and then follow the steps to configure the applicable settings.OptionStepsNew Node
- In theNode Namefield, type a name for the node portion of the pool member.
- In theAddressfield, type the IP address of the server.
- For theService Portsetting, type one of the following port numbers, or select one of the following services from the list.Port NumberService Name1883MQTT. The Internet Assigned Numbers Authority (IANA) registered port for MQTT service.8883MQTT-TLS. The IANA registered port for secure MQTT service over a Transport Layer Security (TLS) network.
- ClickAdd.
New FQDN Node- In theNode Namefield, type a name for the node portion of the pool member.
- In theFQDNfield, type the FQDN of the server.To use FQDNs instead of IP addresses, you should still type at least one IP address. Typing one IP address ensures that the system can find a pool member if a DNS server is not available.
- For theService Portsetting, type one of the following port numbers, or select one of the following services from the list.Port NumberService Name1883MQTT. The Internet Assigned Numbers Authority (IANA) registered port for MQTT service.8883MQTT-TLS. The IANA registered port for secure MQTT service over a Transport Layer Security (TLS) network.
- From theAuto Populatelist, selectEnabledto automatically create ephemeral nodes, using the IP addresses returned by the resolution of a DNS query for the pool member defined by the FQDN.
- ClickAdd.
- ClickFinished.The screen refreshes, and you see the new pool in the Pool list.
Create a virtual server for application traffic
This task creates a destination IP
address for application traffic. As part of this task, you must assign the
relevant pool to the virtual server.
- On the Main tab, click.The Virtual Server List screen opens.
- ClickCreate.The New Virtual Server screen opens.
- In theNamefield, type a unique name for the virtual server.
- For a host, in theDestination Address/Maskfield, type an IPv4 or IPv6 address in CIDR format to allow all traffic to be translated.The supported format is address/prefix, where the prefix length is in bits. For example, an IPv4 address/prefix is0.0.0.0/0, and an IPv6 address/prefix is::/0.
- In theService Portfield, type80, or selectHTTPfrom the list.
- In the Configuration area of the screen, locate theTypesetting and select eitherStandardorForwarding (IP).
- From theHTTP Profilelist, select an HTTP profile.
- In the Resources area of the screen, from theDefault Poollist, select the relevant pool name.
- ClickFinished.
You now have a virtual server to use as
a destination address for application traffic.
Modifying a virtual IP address
The purpose of this task is to convert a non-floating virtual IP address to a
floating address, by adding the address as a member of a traffic group.
The BIG-IP system automatically creates a virtual
address when you create a virtual server.
- On the Main tab, click.The Virtual Address List screen opens.
- In the upper-right corner of any the BIG-IP Configuration utility screen, locate thePartitionlist and select the customer-specific administrative partition.If the partition selections are unavailable, you do not have a user role that allows you to change the current partition.An example of a selected partition isCustomerA_partition.Whenever you select a partition name from the list, the current administrative partition changes to the selected partition.
- In the Name column, click the virtual address that you want to assign to the traffic group.This displays the properties of that virtual address.
- From theTraffic Grouplist, select the traffic group for which you want this virtual address to be a member.Selecting a floating traffic group automatically causes the virtual IP address to be a floating address.For example, you can select a floating traffic group namedtg-CustomerA.
- ClickUpdate.
- Repeat these steps for each customer's virtual address.
Each floating virtual IP address for a route domain is now a member of the relevant
traffic group.
Implementation results
After you have completed all tasks in this implementation, you have a Device Service Clustering
(DSC®) configuration in which one of the guests on each vCMP® system contains three administrative partitions, each of which contains a default
route domain with Layer 3 IP addresses pertaining to a specific type of traffic.
With this configuration, the BIG-IP® system can process network traffic
for three separate customers. Because each set of addresses for a traffic type is contained in a
route domain, all three sets of customer IP addresses can be identical except for the unique
route domain ID that is implicitly part of each address.
Furthermore, each route domain is associated with a unique floating traffic group that can fail
over to the other guest if the vCMP® system becomes unavailable for any
reason.