How To's - Deploy Web Application with BIG-IP
Hi there, in this post we’re going to deploy a Web application through BIG-IP.
This lab assumes you have already BIG-IP licensed and configured. Our lab will be deployed based on the topology below:
For addressing we’re going to use the following configuration:
ClientLisbon:
IP: 203.0.1.2/24
GW: 203.0.1.1
ClientLondon
IP: 203.0.1.3/24
GW: 203.0.1.1
Asav
G0/0 203.0.1.1/24
G0/0 192.168.0.1/24
BIGIP
E 1.1 - 192.168.0.10/24
E 1.2 - 192.168.1.10/24
SERVER1
E0 - 192.168.1.11/24?
?
SERVER2
E0 - 192.168.1.12/24
?
SERVER3
E0 - 192.168.1.13/24
?
SERVER4
E0 - 192.168.1.14/24
?We'll begin by configuring ASAv.
interface GigabitEthernet0/0
?nameif outside
?security-level 0
?ip address 203.0.1.1 255.255.255.0?
!
interface GigabitEthernet0/1
?nameif inside
?security-level 100
?ip address 192.168.0.1 255.255.255.0?
!
object network BIGIP
?host 192.168.0.100
access-list INSIDE_TO_OUTSIDE extended permit ip object BIGIP any?
access-list OUTSIDE_TO_INSIDE extended permit tcp any object BIGIP eq www?
object network BIGIP
?nat (inside,outside) static 203.0.1.100
access-group OUTSIDE_TO_INSIDE in interface outside
access-group INSIDE_TO_OUTSIDE in interface inside
领英推荐
Now let’s enable IIS service on the servers to deploy a web page that will be accessed from the internet.
In Windows Server go to Start > All Programs > Administrative Tools > Server Manager > Roles > Add Roles > Next > Web Server IIS > … Install
Once the installation finishes, let’s return to the Server Manager and access the Internet Information Server by extending the Web Server (IIS) Role.
Inside the IIS Manager, we’ll extend the SERVER_NAME > Sites > Right on click on default Web Site > Explore
It will take us to the folder where the default web page located, I’ll change the web page to something much simpler. I want each server to display a slightly different page.
Now let’s begin configuring the BIGIP interfaces, log in to BIG-IP web page.
We’ll create two VLANS. The first one will be the internal interface and second one will be the external interface. Go to Network > VLANs > Create
We’ll provide the name, the vlan tag, and choose the interface 1.1 untagged.
The second one will be assigned to the interface towards the firewall. We’ll provide the name, the vlan tag, and choose the interface 1.2 untagged.
Now let’s assign the IP address to the interfaces by going to Network > Self IPs > Create
We’ll specify the IP address, netmask, and VLAN. For Port Lockdown we’ll choose the default. Repeat the same process for each interface.
We can check the interface status through Network > Interfaces, and confirm the status is UP.
Now let’s create a monitor, to monitor the nodes state, by accessing Local Traffic > Monitors > Create.
Specify the name, the type and the port Alias Service Port
Next let’s add the nodes through Local Traffic > Nodes > Create
Specify the name referencing the server, the IP address and for Health Monitors we’ll choose Node Specific and we’ll add the one created earlier. Repeat the same process for all the servers.
The final result should look like the one below.
Next we’ll create a pool for http service on port 80, through Local Traffic > Pools > Create
We’ll add the servers as members and we’ll add also a Health Monitor.
Lastly let’s create the Virtual Server that will process the traffic that will be load balanced to the servers, on Local Traffic > Virtual Servers > Create.
Specify the Name, Destination Address, Service Port and assign the pool created in Default Pool option.
Now let’s try to access the application from the “Internet”.
From ClientLisbon the session is sent to SERVER1
From ClientLondon the session is sent to SERVER3
We can monitor how much load traffic each server is receiving, by looking at Statistics > Local Traffic > Statistics Type > Pools
And we have deployed a web application through BIP-IP.
I hope you enjoyed this post, leave your comments below and I'll see you on the next one.
Reference:
https://support.f5.com/csp/knowledge-center/software/BIG-IP?module=BIG-IP%20LTM&version=16.0.1