Forum Discussion
NimbostratusConfiguring an interface with a tagged vlan and assigning an IP to it
Hi,
So i just configured a tagged vlan over an interface on my Big IP in the production environment and assigned an IP address to it. Its supposed to be a simple point to point connectivity. The IPs are in the same /29 subnets however there is no ping
Here are the steps I followed
1- Create Vlan Client --> vlan id 1000 --> tagged interface 1/2.2
2- Assigned a physical self IP against it 10.18.231.212/29
3- Assigned a floating IP for vlan: Client 10.18.231.211/29
4- Router IP configured in the same vlan ID is 10.18.231.209/29
I suspect there is a cabling issue ? Any comments. The config is pretty straight forward.
17 Replies
Cheeky_168406The design is like below
VLAN Name IP Network VLAN ID IP Address Hostname Interface Ingress 10.18.231.208/29 1000 10.18.231.209 EFS1 1/4 /Client 10.18.231.210 EFS2 1/4 10.18.231.211 F5_Floating 10.18.231.212 F5A_Physical 1/2.2 10.18.231.213 F5B_Physical 1/2.2
shaggy_121467Cumulonimbus
Is the remote interface a trunk port with vlan 1000? You might try making the interface untagged in vlan 1000 to see if it makes a difference.
- Cheeky_168406Hi yes its a trunk port as we are configuring our F5 ports for multiple vlans. However, the very first vlan is not working. There is another vlan assigned on the same port (FYI)
shaggyIs the remote interface a trunk port with vlan 1000? You might try making the interface untagged in vlan 1000 to see if it makes a difference.
- Cheeky_168406Hi yes its a trunk port as we are configuring our F5 ports for multiple vlans. However, the very first vlan is not working. There is another vlan assigned on the same port (FYI)
- shaggy_121467
When you ping the F5 self-IP from the router and vice versa, do you see anything populated in the ARP tables for the involved IP addresses?
- Cheeky_168406nope I dont see any arp entries for the new vlan ! The interface is up
- shaggy_121467The configuration on the F5-side looks correct. If there's another functional VLAN tagged on the same interface, then it sounds like an interface or VLAN 1000 configuration issue on the remote end or a cabling issue.
- shaggy
When you ping the F5 self-IP from the router and vice versa, do you see anything populated in the ARP tables for the involved IP addresses?
- Cheeky_168406nope I dont see any arp entries for the new vlan ! The interface is up
- shaggyThe configuration on the F5-side looks correct. If there's another functional VLAN tagged on the same interface, then it sounds like an interface or VLAN 1000 configuration issue on the remote end or a cabling issue.
- What_Lies_Bene1
Cirrostratus
So the switch has the VLAN configured and trunked/tagged on the relevant interfaces connecting the F5s. No pruning taking place?
- Cheeky_168406
so that means media is communicating[root@XXXXX:/S2-green-P:Active] config tmsh sh net interface 1/2.2 all-properties Net::Interface Name Status Bits Bits Pkts Pkts Mcast Mcast Errs Errs Drops Drops Colli Media Flow Trunk Aggreg In Out In Out In Out In Out In Out sions Ctrl ------------------------------------------------------------------------------------------------------------------------------ 1/2.2 up 69.8M 211.0K 121.0K 355 121.0K 355 0 0 20.1K 0 0 10000SR-FD tx-rx none detached - Cheeky_168406
so i figured that the ARP is not getting responded
config tcpdump -ni Clients_3:nnn -s0 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on Clients_3:nnn, link-type EN10MB (Ethernet), capture size 65535 bytes 20:20:37.256596 arp who-has 10.18.231.209 tell 10.18.231.212 out slot2/tmm0 lis= flowtype=0 flowid=0 peerid=0 conflags=0 inslot=0 inport=0 haunit=0 peerremote=00000000:00000000:00000000:00000000 peerlocal=00000000:00000000:00000000:00000000 remoteport=0 localport=0 proto=0 vlan=0 20:20:37.256600 arp who-has 10.18.231.209 tell 10.18.231.212 out slot2/tmm0 lis= flowtype=0 flowid=0 peerid=0 conflags=0 inslot=0 inport=0 haunit=0 peerremote=00000000:00000000:00000000:00000000 peerlocal=00000000:00000000:00000000:00000000 remoteport=0 localport=0 proto=0 vlan=0 - Cheeky_168406
another question here is that why the ARP message below shows the vlan=0
?
- shaggytry tcpdump -nei http://support.f5.com/kb/en-us/solutions/public/7000/200/sol7227.html
- Cheeky_168406
so in the end it appears the guys at the router end were configuring wrong IPs against the wrong vlans!
