F5 Trunk port is connected to Cisco Switch Access Port

Frist:

 

The term "trunk" in the F5 world means something different than "trunk" in Cisco world.

 

In the F5 world (and most non-Cisco switches) a trunk is the same thing as Cicso Ethernet Channel. That is two or more physical interfaces that are treated logically as a single interface.

 

Second:

 

Does F52 have a connection to any other switches in your network? If so, then it is possible that you could have a loop.

 

Hi Giltjr,

 

There is one more management interface connected to different VLan in the same switch.

 

I have attached the diagram of the scenario. Just in case the Trunk Port2 is connected to the Access port instead of the Data port as shown in diagram. The trunk ports are for HA links between the two F5's.

 

Thanks!

 

Hi Giltjr,

 

Here's the summary of network connections from above updated diagram.

 

1.F51 Trunk port1 to F52 Trunk port1

 

2.F51 Trunk port2 to SW1 Access port -> Any issues or STP loop?

 

3.F52 Trunk port2 to SW2 Access port -> Any issues or STP loop?

 

4.F51 Mgt Port to SW1 Access port

 

5.F52 Mgt Port to SW2 Access port

 

Will be any loop if cables were connected wrongly as above?

 

Thanks!

 

Hi Giltjr, The connections looks ok and what I can predict from above diagram is that the two switches are stacked. Is it? If yes then just as part of the design and if you have ports avaliable on your F5 box select another port lets say 3 on each box for the one connecting to the switches access port and connect F51 to SW2 and F52 to SW1. As the secondary box does not process any traffic there should be no looping unless you are keeping both the boxes as Active Active only then the looping has to be investigated.

 

Regards,

 

Hi Techgeeg,

 

Thanks for your reply. I have created a new diagram with the intended setup and a scenario if in case the network cable is patch wrongly from switch port to trunk ports configured as LACP in F5.

 

Will there be any loop if one of the trunk port member for both F51 and F52 are connected to switch1 and Switch2. The trunk ports are member of single VLAN as untagged interface. The redundant F5 are configured as active / standby.

 

Thanks a lot!

 

Here's the summary of network connections from above updated diagram.

 

Scenario when one of the F51 and F52 trunk ports are connected to Cisco Switch Access port.

 

1.F51 Trunk port1 to F52 Trunk port1

 

2.F51 Trunk port2 to SW1 Access port -> Wrongly patched cable. Any issues or STP loop?

 

3.F52 Trunk port2 to SW2 Access port -> Wrongly patched cable. Any issues or STP loop?

 

4.F51 data port to F52 dataport -> Wrongly patched cable

 

4.F51 Mgt Port to SW1 Access port

 

5.F52 Mgt Port to SW2 Access port

 

More details about the setup from above diagram.

 

■ Switch 1 and Switch 2 are not stacked.

 

■ F51 and F52 trunk ports are configured as LACP (Active mode)

 

Thanks.

 

The wrong cabling (From the diagram above) won't cause issues because you're running LACP on the F5 trunk (Lets call it a port-channel :) ).

 

The LACP signalling ensures that BOTH ends of all the links in the channel connect in a single port-channel. If any of the links are NOT configured in the port-channel, then then will be shutdown by the endpoint detecting the error.

 

So, as long as LACP signalling is used, you shouldn't get any issues. (This assumes you're not bridging traffic across the BigIP's interfaces of course).

 

H

 

Hi Hamish,

 

Thanks for reply. With the above setup will there be any STP loop? The other interface between two F5s are:

 

• f51 trunk port to f52 trunk port (lacp)

   

• f51 data port( untagged vlan) to f52 data port (untagged vlan)

   

Will these 2 connections will bridge traffic?

 

Thanks!

 

The only time that the bigip will bridge traffic is if you tell it to. If the connections are configured as LACP on the bigip they're a single logical link and will only actually come up if the other end is a single LACP endpoint as well. So no STP loop there.

 

H

 

Hi Hamish, the scenario above is, there is another cable connected between two f5 devices. In addtion to the trunk ports. Because they are wrongly patch. And the trunk port supposedly connected is connected to the switch access ports.

 

Thanks!