Exam Topics
- F5CAB2
- F5CAB2.04
- Standard, Forwarding, Stateless, Reject
- Performance (Layer 4) and Performance (HTTP)
- F5CAB2.04
Introduction
On F5 BIG-IP, the Virtual Server is the core object responsible for processing and directing client traffic. While the Standard Virtual Server operates as a full proxy and provides advanced features such as deep inspection, persistence, security enforcement, and traffic manipulation, not every use case requires this level of processing.
For this reason, BIG-IP provides multiple Virtual Server types, each designed to address particular operational needs. The following sections explain why different Virtual Server types are necessary and describe the behavior and use cases of each: Standard, Forwarding, Performance (L4), Performance (HTTP), Stateless, and Reject.
The Need for Different Virtual Server Types
By default, the F5 BIG-IP operates as a deny-by-default device. This means that any traffic reaching the BIG-IP is dropped unless it is explicitly allowed. Traffic is only accepted once a listener is configured to handle it.
This behavior changes when you configure listeners such as NATs, SNATs, or more commonly, Virtual Servers. With a Virtual Server, the BIG-IP acts as a full-proxy device: a connection is established between the client and the Virtual Server, and a separate, independent connection is created between the BIG-IP and the backend server. This concept is explained in detail in the ADC Concepts article.
A Standard Virtual Server allows the BIG-IP to listen on a specific IP address and port, inspect traffic, apply policies, and forward requests to a pool of backend servers using load-balancing decisions.
However, not all use cases require traditional load balancing. In many scenarios, different types of Virtual Servers are needed, for example:
– Passing traffic from one network to another without making load-balancing decisions
– Forwarding traffic toward routers, firewalls, or internet routes rather than directly to backend servers
– Achieving better performance when no Layer 7 processing is required
– Explicitly rejecting traffic that might otherwise be allowed by other listeners
The following sections introduce the main Virtual Server types, explain their purpose, and provide practical examples for each.
BIG-IP Virtual Server Types
Standard Virtual Server
The Standard Virtual Server is the most commonly used virtual server type. It allows clients to connect to a specific IP address and port, acting as the primary entry point for application traffic.

Through a Standard Virtual Server, additional profiles such as HTTP, SSL, or TCP can be applied, making the virtual server more intelligent and application-aware. These profiles enable the BIG-IP to understand the protocols flowing through it and to inspect, modify, or block requests as needed.
After traffic inspection and policy enforcement, the virtual server makes a load-balancing decision and forwards the request to one of the pool members associated with it. This allows the BIG-IP to combine traffic control, security, and load balancing within a single listener.
Forwarding Virtual Server
The Forwarding Virtual Server is used to pass traffic from one network to another. It can be viewed as operating similarly to a router, as it forwards packets based on their destination address rather than performing load-balancing decisions.

Unlike a Standard Virtual Server, a Forwarding Virtual Server ...