Forum Discussion
NimbostratusActive/Active Deployment in transparent mode
Dear all,
I have complicated task which ends in Layer 2 routing loop. The both BIG-IP Devices are configured with two Traffic Groups (Zone1 and Zone2) and they are working in Active/Active configuration.
Box1
Zone1 Active
Zone2 Standby
Box2
Zone1 Standby
Zone2 Active
I created two VLANs and put them in a common VLAN Group. I have put the group in transparent mode : transparent
The problem: Layer 2 loop appeared when I configured the same VLAN Group on the second device. I did a deep problem investigation and I do believe that :
1.Packets coming from VLAN 555 successfully bridged to VLAN 55. (Box1 Zone1 Active)
2.When that packet arrived on VLAN 55 on Box2 Zone1 Standby they are again bridged to VLAN 555.
3.As a conclusion we have a LOOP never mind that bridge checkbox are not marked.
Is that Active/Active configuration supported in Layer 2 VLAN Groups? I do have some hesitation because it looks that in such a scenario when both devices are Active their bridging/switch part is working per device basic not per traffic-group.
My idea is to have Active/Active deployment in Layer 2 mode in which Vlan 555 and Vlan 55 are bridged and they have the same subnet. (Layer 3 address space)
Any comments or recommendations will be highly appreciated thanks a lot in advance!
Best Regards,
Martin
5 Replies
IheartF5_45022Nacreous
By default a VLAN group will forward IP traffic. the "bridge all traffic" setting simply means that non IP traffic can also be bridged.
Is it arp traffic that you see looping? You may need to exclude the self-IPs of the peer device from proxy arp forwarding on each box. Use this link and then scroll down to "Host exclusion from proxy ARP forwarding".
MartinVKonov_15Hi,
All checkbox related to Bridge all traffic or Bridge Standby traffic are not marked. So I do believe that we didn't have a not IP packet loop. On the other hand I have some impact on the other devices in the network (CPU goes high) so I didn't have the chance to do some capture. I am planning to put our deployment in a staging environment and do some testing.
- IheartF5_45022
I understand, but you will have a loop for arp traffic. To prevent an arp storm unless I think you need to exclude the peer device self-IPs.......
- MartinVKonov_15
Hi Joanna,
Today I did a bit different test with two standalone Big-IP which are working as Active/Active. I configured both machine in the same way and I have tried your proposal but as a result I still have Layer 2 Loop.
My Cisco switch Reported that as :
Oct 2 12:59:09.184: %SW_MATM-4-MACFLAP_NOTIF: Host 000c.2918.c3fd in vlan 122 is flapping between port Po1 and port Fa0/1
Oct 2 12:59:09.184: %SW_MATM-4-MACFLAP_NOTIF: Host 000c.2918.c3fd in vlan 123 is flapping between port Fa0/1 and port Po1
The only option which fixed that issue was when I have put my transparent mode = opaque. Which is not exactly L2 mode :) What is more I am still looking for some good document/book of which those three transparent modes are explained in more details. Could you propose me something?
- IheartF5_45022
Sorry all I can see is the doco which is brief;-
