Basic Setup of F5

I see in your config, that you defined the VLANs as internal and external. Is this must? Or is this a case only in routed mode? routed mode can have one vlan such as one-arm deployment.

 

 

What about bridge mode, where all VLANs are in same range? Then also, do we define VLANs as internal and external? you need 2 vlans to bridge traffic between them. you can see there are 2 vlans when configuring vlangroup.

 

 

are your access router and servers in the same subnet?

No, access routers connected to the edge, and the servers are in different subnet.

 

 

 

I have 1000s of F5s in our network that are setup in bridge mode, with the overall physical connectivity being as shown above.

 

 

The standby F5 is connected to as below:

 

 

 

Core Core

 

| |

 

Access Router1 Access Router2

 

| |

 

| |

 

ActiveF5--trunk----Agg Switch - A-----------Agg Sw-B ----Trunk----StandbyF5

 

| |

 

| |

 

L2Hst Switch |

 

| |

 

| |

 

Server1 Server2

 

 

I m seeking to understand how F5 works and behaves in bridge mode, need your help to understand.

 

 

In our network, i see that in bridge mode there are 5 VLANs on the F5 pair,and each in different, 172.20.30.x/24;172.20.40.x/24;172.20.50.x/24;172.20.60.x/24;172.20.70.x/24;

 

 

and there are more 10 Virtual servers and equal number of pools.

 

Each virtual server has the VIP on above five ranges, pools are associated with Virtual servers.

 

 

Can you please explain, how inbound and outbound traffic gets processed by F5 in bridge mode with above number of VLANs?

 

just a quick question. why do you think it is bridge mode?

Bcoz, both the servers in the pools and the VIPs are both in the same VLAN range. Correct me if i'm wrong?

if you do not have config such as vlangroupm, l2 forwarding virtual, i do not think it is in bridge mode. when traffic hits virtual, it will be sent to selected pool member based on load balancing algorithm. the pool member returns traffic to bigip and then send back to client.

Hmm...as far as i remember, yes, there is no config as vlangroup. What is l2 forwarding virtual?

 

 

But i do not see the 5 VLANs defined as internal or external anywhere in the config, which is the case in routed mode. right?

 

 

 

 

What is l2 forwarding virtual?it is one of virtual server types. actually, i never used it too. :-)

 

 

sol4362: Overview of Layer 2 (L2) forwarding virtual servers

 

http://support.f5.com/kb/en-us/solutions/public/4000/300/sol4362.html

 

 

But i do not see the 5 VLANs defined as internal or external anywhere in the config, which is the case in routed mode. right? no, you should have configured vlan. have you checked at local traffic > network > vlans?

how can i check frm CLI cmd mode?

how can i check frm CLI cmd mode?you mean listing vlan, don't you?

 

 

tmsh list net vlan

Following are the VLANs configured in our device, i do not see the internal or external cmd. How do i know if these are setup in bridge or routed mode?

 

 

vlans {

 

 

VLAN_A

 

 

VLAN_B

 

 

VLAN_C

 

 

VLAN_D

 

 

VLAN_E

 

 

}

 

 

vlan VLAN_A {

 

 

tag 40

 

 

mac masq

 

 

failsafe enable

 

 

timeout 25

 

 

failsafe failover

 

 

trunks tagged TRUNK_LINK_AGG_A

 

 

}

 

 

vlan VLAN_B {

 

 

tag 41

 

 

mac masq

 

 

failsafe enable

 

 

timeout 25

 

 

failsafe failover

 

 

trunks tagged TRUNK_LINK_AGG_A

 

 

}

 

 

vlan VLAN_C {

 

 

tag 42

 

 

mac masq

 

 

failsafe enable

 

 

timeout 25

 

 

failsafe failover

 

 

trunks tagged TRUNK_LINK_AGG_A

 

 

}

 

 

vlan VLAN_D {

 

 

tag 43

 

 

mac masq

 

 

failsafe enable

 

 

timeout 25

 

 

failsafe failover

 

 

trunks tagged TRUNK_LINK_AGG_A

 

}

 

 

vlan VLAN_E {

 

 

tag 44

 

 

mac masq

 

 

failsafe enable

 

 

timeout 25

 

 

failsafe failover

 

 

trunks tagged TRUNK_LINK_AGG_A