Applies To:
Show Versions
Configuring Multiple IP Addresses and Service Ports for a Virtual Server
Overview: Configuring a virtual server for multi-source or multi-destination traffic
When you configure the BIG-IP system, you typically create a separate virtual server for each unique source or destination IP address/port combination specified within the header of ingress packets. You also assign a unique set of profiles and policies that you want the virtual server to apply to the matching traffic.
In some cases, however, disparate traffic flows destined for various IP addresses and ports all need the same set of profiles and policies applied to them. Rather than creating many separate virtual servers to accomplish this, you can create a single virtual server that specifies multiple source or destination IP address/port combinations, while applying the same set of profiles and policies to all of the traffic.
Configuration summary
This illustration shows the sequence of tasks for configuring the BIG-IP system so that a virtual server can listen for traffic flows destined for various IP addresses and service ports instead of for just a single IP address and port.
This illustration shows the configuration process.
Create an IP address list for a virtual server
You can specify a list of IP addresses as the destination or source IP address in a virtual server. An address list can contain single, non-contiguous IP addresses, a range of contiguous IP addresses, or both.
To specify an address list in a virtual server, you must first create the list using the Shared Objects area of the BIG-IP Configuration utility. A virtual server can then listen for all traffic from, or destined for, any of the addresses in the list and apply the same set of profiles and policies to that traffic.
Create a service port list for a virtual server
If you want to specify multiple service ports as the source or destination port on a virtual server, you must first create a port list, using the Shared Objects area of the BIG-IP Configuration utility. A port list contains a list of ports that a virtual server can listen for and then apply a set of profiles and policies to.
Create a virtual server that specifies multiple IP addresses and ports
You can create a virtual server that specifies a list of IP addresses and a list of service ports. Specifying a list of addresses and ports is helpful when you have ingress traffic from, or destined for, disparate IP addresses, and all of the traffic requires the same set of traffic profiles and policies to be applied to it. Depending on your use case, specifying lists of addresses and ports in a single virtual server can reduce the number of virtual servers that you need to create for a network configuration.
Constraints for using IP address and port lists
When you use IP address lists and port lists to configure the source or destination address in a virtual server, make sure you keep these constraints in mind to ensure successful configuration:
- You cannot remove an address list from the BIG-IP system if the list contains a virtual address in use by another virtual server.
- No two virtual servers can contain the same IP address in their respective address lists.
- The address ranges specified on a virtual server cannot overlap. For example, two or more ranges specified on a virtual server cannot contain the IP address 10.20.10.5.
- All addresses in an address list must be of the same type (either IPv4 or IPv6).
- In a range of addresses or ports, the beginning value of the range must be lower than the ending value. For example, you cannot specify a range of 10.10.20.30 - 10.10.20.10.
- All addresses in an address list must belong to the same route domain.
- Another virtual server cannot specify an overlapping end point as defined by: the same source or destination address and mask, the same service port, the same route domain ID, and enabled on the same VLAN.
