F5 and Cisco Nexus VPC

Question

Hi, my network design is as follows: I have a pair of F5-ltms connected to a pair of nexus 5k. In other words, each ltm is dual connected to both the cisco n5ks in a vpc-fashion. My N5ks are purely layer-2, and all the layer-3 is handled on a one hop up by on a different set of switches. Are there any special recommendations to this design? As F5 uses "auto last hop" feature by default, so I believe it will always reply back to individual mac-address of the n5k instead of the vpc-system-mac. Is this correct? Has anyone seen any issues in this..?

josh_abaire · Answer

Why would the F5 ever reply to the 5k?  If the 5k is strictly layer 2, it would be replying to the MAC of the layer 3 address.  The only issue is when the 5k has a VPC to the layer 3 device such as a 7k and it is running HSRP.  You'll want to have peer-gateway enabled since you cannot control if that traffic destined to that MAC will hit the A side or the B side and the 7k will not forward that traffic across the vPC peer-link.

Forum Discussion

F5 and Cisco Nexus VPC

1 Reply

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Syslog server not visible in GUI

Same LTM Monitor applied to different Pools with Common Nodes

irule execution error

F5 AWAF/ASM learning only from Trusted traffic?

OWA File Upload URIs for WAF Bypass

Related Content

Copenhagen, Cisco, Korea, Cybercrime, and Criminals

Cisco ACI Endpoint Learning with a BIG-IP HA Failover

CitrixBleed2 and Cisco Criticals, Action on and by Crooks, Cost of Cyberattacks

OpenStack Deployments with F5 BIG-IP and Cisco Nexus 9000 Switches

How to use Ansible with Cisco routers

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS