difference between self-ip and internal-facing vip

There is a good solution on AskF5 on this subject. Please check SOL3475 for details.

A self IP is beeing used as:

• next hop to locally attached networks (local routing tables are automatically based on it),* source IP for healthchecks (both machines in a device group will use them to send out monitors),
• if defined as a floating self IP it may act as a next hop for incoming datagrams to get routed to destinations on or behind the BIG-IP,
• may be used for inband management and serves as reference point for heartbeat, mirroring and config sync (make sure to disable unnecessary services via PortLockDown),
• can be reached from associated ingress VLAN only,
• in case of 'self IP' will belong to traffic group 'traffic-group-local-only' and never be moved to another device in the group,
• in case of 'floating self IP' will belong to a traffic group i.e. 'traffic-group-1' along with some virtual addresses and can be moved between devices,
• will be stored in /config/bigip_base.conf or in /config//bigip_base.conf.

Instead a virtual server acts as a reference point to handle traffic:

• on all enabled / not disabled VLANs,* depending on assigned protocol, destination IP or network address, assigned profiles, iRules and pools,
• may get reached through a self IP which acts as next hop in case the virtual IP is not associated with the IP address range of the ingress VLAN,
• will be stored in /config/bigip.conf or in /config//bigip.conf