Testing F5Networks NVGRE gateway Environment

Lately we have been testing F5 HNV Gateway PowerShell Module with VMM 2012 R2. Plugin allows to use BIG-IP as gateway between VMM and external network. Our demo environment contain VMM 2012 R2, WAP. From F5 point of view we needed to install BIG-IP and BIG-IQ VMs.

This blog post describes the steps what we did from VMM point of view. We did this testing (and it will continue) with F5 architects and they helped us a lot.

Installation based on following F5 networks article.
I will go through steps from VMM point of view to help you understand the configuration.

We first downloaded BIG-IP and BIG-IQ virtual-editions from F5 partner portal and installed them to our environment. We used following version:
BIG-IP v11.5.2 / Virtual Edition (BIGIP-11.5.2.0.0.141.LTM.vhd.zip)
BIG-IQ v4.5.0 / Virtual Edition (BIG-IQ-4.5.0.0.0.7028.vhd.zip)

BIG-IP contain four different interfaces:
F5 Management (mgmt interface. Dedicated VLAN for managing F5 Big-IP)
Management (Self-ip. Management VLAN)
Provider address (PA)
External network

Configuring mgmt interface from BIG-IP (System -> Platform)
F5Net01

Configuring Self-ip interface from BIG-IP (Network -> Self-ip). Remember to allow Port lockdown
F5Net02

BIG-IQ contain one network interface:
Management (Management VLAN)

IP address is configured via SSH.

Next we needed to setup VMM side and install F5 Networks HNV Gateway PowerShell Module on VMM server. Installation is described in F5 article. Remember if you are using HA VMM you need to install module to both VMM nodes
(F5GatewayPowerShellSetup.msi)

We were using standalone BIG-IP system so our configuration file is called “gateway-one-bigip.cfg”. Modifications can be done manually from “C:\Windows\System32\WindowsPowerShell\v1.0\Modules\F5GatewayProvider\gateway-one-bigip.cfg” or with HNV_config_builder.html (builder can be found from F5).

We used HNV_config_builder to create cfg file
F5Net03

After filling the needed information you are able to get script parameters and also gateway-one-bigip.cfg input from Finalize tab.
F5Net05

Then we needed to copy following information to configuration file (gateway-one-bigip.cfg) on VMM server and execute the script:

F5Net06

 

Configuration will then ask you to fill needed account details:

BIG-IQ
F5Net07

BIG-IP admin:
F5Net08

BIG-IP root:

F5Net09

Then you will get note that group is created
F5Net10

 

Next we needed to setup RunAs account for BIG-IP:
F5Net11

and finally configure new network service
F5Net12

Choose F5 networks for Manufacturer and BIG-IP model
F5Net13

Browse earlier created RunAs account
F5Net14

and configuration string should be our cfg file
F5Net15

Validate that everything is working as expected
F5Net16

Specify host groups
F5Net17

F5Net19

and now we have F5 network service
F5Net20

Although the front end connection does not matter to the gateway plug-in, you must select one. For the back end connection, select the BIG-IP VLAN that has connectivity on the SCVMM provider network. Note that the BIG-IP system will be configured with a self IP address on this network, using a dynamically allocated address.
F5Net21

Next we can test to connect our VM network to connect BIG-IP system to provide gateway services
F5Net22

And ensure from BIG-IP that configuration works
F5Net23

Hope this blog post help you to understand the steps what is needed from VMM point of view. I will update this blog post when we continue with WAP integration and other fun stuff!

 

8 thoughts on “Testing F5Networks NVGRE gateway Environment

  1. Hi!
    Would you mind sharing a link to HNV_config_builder you mentioned above ? F5 site doesn’t find any meaningful results as well as google.com.

  2. Great post I have been searching all over for some decent instructions .

    I need to install a HA pair .

    One thing I’m not clear on is if I need to configure a PA self IP in the big-ip before I install the plugin. The f5 document mentions it , but it is not clear. does this get dynamically assigned from the PA pool?

    I’m also unable to find the HVN_config_builder any chance you can send me the link.

    Many thanks

Leave a Reply

Your email address will not be published. Required fields are marked *