Forum Discussion

Josh_109679
Mar 22, 2012

f5 vlan, self ips and routing

We have an HA cluster, and multiple VLANs tagged into a Cisco switch. We have a single trunk with two interfaces trunked together. On those interfaces are three VLANs, each with a tag. We have set up the three VLANs; call them vlan_1 (default VLAN on trunk port), vlan_2, vlan_3.

vlan_1 and two are routable; there is a default route on the f5, 0.0.0.0, to the vlan_1 gateway.

vlan_3 has no gateway, and sits on a private network with all the web servers. This network is 172.19.1.0/24.

We can get all the traffic to flow into vlan_1 without issue; vlan_1 and 3 are configured the exact same. There are two self IPs for each, one static, the other floating.

If I terminal into the f5 and run ifconfig, the vlan_1 self IP has the IP address of the static, not the floating, but the vlan_3 self IP has the IP of the floater.

If we try to ping or tracert (should be a single hop) to anything on vlan_3 we get "From 172.19.1.190 icmp_seq=2 Destination Host Unreachable"; .190 is the address of the floating self IP.

If we do a tracert:

    tracert 172.19.1.3
    traceroute to 172.19.1.3 (172.19.1.3), 30 hops max, 40 byte packets
    1 172.19.1.190 (172.19.1.190) 174.730 ms !H 174.733 ms !H 174.733 ms !H

It routes back to itself.

Any tips on how to remedy this?

I hope I explained this effectively. One thing to note: vlan_1 is also the management interface traffic.

 

  • Hi Josh,

    I don't think it's related to your specific issue, but it's not supported to have the management interface and a TMM switch port configured with the same VLAN. Can you reconfigure either the VLAN or mgmt port to use a separate subnet?

    Can you print the VLAN, self IPs and routes using:

        tmsh list net vlan
        tmsh list net self
        tmsh list net route

    Aaron
  • We can probably change that, it will take some doing.

    Here are the results of the command:

        tmsh list net vlan

        net vlan Peernet {
            interfaces {
                1.8 { }
            }
            tag 4094
        }
        net vlan vlan_104 {
            interfaces {
                bi1-trunk-1 {
                    tagged
                }
            }
            tag 104
        }
        net vlan vlan_220 {
            interfaces {
                bi1-trunk-1 {
                    tagged
                }
            }
            tag 220
        }
        net vlan vlan_1901 {
            interfaces {
                bi1-trunk-1 {
                    tagged
                }
            }
            tag 1901
        }

        tmsh list net self

        net self 10.1.1.1 {
            address 10.1.1.1/30
            allow-service {
                default
            }
            traffic-group traffic-group-local-only
            vlan Peernet
        }
        net self floating_ip {
            address 137.123.104.190/22
            floating enabled
            traffic-group traffic-group-1
            unit 1
            vlan vlan_104
        }
        net self 172.19.1.191 {
            address 172.19.1.191/24
            allow-service {
                default
            }
            traffic-group traffic-group-local-only
            vlan vlan_1901
        }
        net self 137.123.104.191 {
            address 137.123.104.191/22
            allow-service {
                default
            }
            traffic-group traffic-group-local-only
            vlan vlan_104
        }

        tmsh list net route

        net route default {
            gw 137.123.104.1
            network default
        }

    Since I posted we did remove the floating self ip to the troubled vlan, just to help paint a clearer picture, same results occur, except it just routes to its static address.
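
An added example, not part of the thread and not F5 tooling: Python that parses `tmsh list net self` output (sample trimmed from the listing above) to show which VLANs carry no self IP and which VLAN a target such as 172.19.1.3 is directly connected on. The function names are illustrative assumptions.

```python
import ipaddress
import re

# Constructed sample: trimmed from the `tmsh list net self` listing in the thread.
SELF_OUTPUT = """\
net self 10.1.1.1 {
    address 10.1.1.1/30
    vlan Peernet
}
net self floating_ip {
    address 137.123.104.190/22
    floating enabled
    traffic-group traffic-group-1
    vlan vlan_104
}
net self 172.19.1.191 {
    address 172.19.1.191/24
    allow-service {
        default
    }
    vlan vlan_1901
}
net self 137.123.104.191 {
    address 137.123.104.191/22
    vlan vlan_104
}
"""
VLANS = ["Peernet", "vlan_104", "vlan_220", "vlan_1901"]  # from `tmsh list net vlan`

def parse_self_ips(text):
    """Parse top-level `net self` stanzas (closing brace in column 0)."""
    selfs = []
    for name, body in re.findall(r"^net self (\S+) \{(.*?)\n\}", text, re.S | re.M):
        addr = re.search(r"^\s*address (\S+)", body, re.M).group(1)
        vlan = re.search(r"^\s*vlan (\S+)", body, re.M).group(1)
        floating = re.search(r"^\s*floating enabled", body, re.M) is not None
        selfs.append({"name": name, "iface": ipaddress.ip_interface(addr),
                      "vlan": vlan, "floating": floating})
    return selfs

def vlans_without_self(selfs, vlans):
    """VLANs that carry no self IP, so the unit has no address on them."""
    used = {s["vlan"] for s in selfs}
    return [v for v in vlans if v not in used]

def connected_vlan(selfs, target):
    """VLAN whose self-IP subnet contains target (on-link, reached by ARP), else None."""
    ip = ipaddress.ip_address(target)
    return next((s["vlan"] for s in selfs if ip in s["iface"].network), None)
```

With this listing, 172.19.1.3 is on-link on vlan_1901, so the default route is never consulted for it. A `!H` reported from the unit's own address for an on-link target means no ARP reply came back on that VLAN.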