For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

JrMaster_47117's avatar
JrMaster_47117
Icon for Nimbostratus rankNimbostratus
May 10, 2012

Hyper-V and Tagged VLANs

Hello,

 

 

I have a very weird problem which I can't seem to resolve by myself.

 

I have a BIG-IP LTM up and running on HYPER-V with 4 virtual legacy interfaces.

 

 

 

The first legacy NIC is automatically assigned to MGMT.

 

The 2nd legacy NIC (1.1 on the BIG-IP) is untagged and I can ping the SELF-IP just fine.

 

The 3rd legacy NIC (1.2 on the BIG-IP) is also untagged and I can ping the SELF-IP just fine.

 

The 4th legacy NIC (1.3 on the BIG-IP) is tagged with two VLANs, the first VLAN tag is 1000 and the 2nd VLAN tag is 1100.

 

I have created a Self-IP per VLAN and for some very odd reason I can't ping the Self-IPs from there corresponding VLANs.

 

I have configured the NICs on the VMs settings to use tag 1000 and 1100 respectively and still ping fails.

 

 

 

What am I doing wrong?

 

 

 

Please help!

 

 

 

TIA,

 

Jr

 

ve
virtualization

5 Replies

  • JrMaster_47117's avatar
    JrMaster_47117
    Icon for Nimbostratus rankNimbostratus
    May 10, 2012
    I got this resolved.

     

     

    Apparently I was using "Private" VNICs which do not support VLAN tagging or traffic, once changed to Internal VNIC things started to work just fine.

     

    Thx,

     

    Jr =]

     

  • qe_102628's avatar
    qe_102628
    Icon for Nimbostratus rankNimbostratus
    May 10, 2012
    there's a couple of things worth pointing out about Hyper-V deployments of BIG-IP VE:

     

    (These can be found in the manual too, but here's a concise little guide):

     

     

    1) You can have up to four Legacy Network Adapters assigned to the BIG-IP VE Hyper-V Virtual Machine container. You'll probably want three at a minimum for an Internal and External network, but BIG-IP is quite flexible and will fit 1 to 3 data plane interfaces handily.

     

     

    2) To use a VLAN tag:

     

    2.1) VLAN tags can be configured on the Legacy Network Adapter (Hyper-V configuration)

     

    - open the nic on the vm

     

    - [x] Enable virtual LAN identification

     

    - Put in a VLAN ID value to use for tags

     

    2.2) Configure VLANs to use untagged interfaces (BIG-IP configuration)

     

    2.3) Configure the receiving device to accept and send the correct VLAN tags (switch, router, BIG-IP hardware, Hyper-V server, etc.)

     

     

     

     

     

     

  • JrMaster_47117's avatar
    JrMaster_47117
    Icon for Nimbostratus rankNimbostratus
    May 11, 2012
    So I'm back at the beginning...

     

    According to what is written above, I can't create multiple tagged VLANs on the same interface.

     

    I need to have at least two tagged vlans using one internal vSwitch, Is there a way to work around this?

     

     

    TIA,

     

    Jr

     

  • qe_102628's avatar
    qe_102628
    Icon for Nimbostratus rankNimbostratus
    May 11, 2012

    It's a Hyper-V limitation that I've not found a way to work around. Passing tags from the guest into a virtual switch or onto the wire doesn't seem to function.

     

     

     

    If you really need to pass tags from BIG-IP Virtual Edition, Xen and VMware support passing guest tags into virtual switch infrastructures.

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

  • mkinder_158819's avatar
    mkinder_158819
    Icon for Nimbostratus rankNimbostratus
    May 28, 2014

    No exactly... You can indeed use hyperV to do exactly as you wish...

     

    Powershell as admin on host....

     

    set-vmnetworkadaptervlan -trunk -allowedvlanidlist "222,250,263" -vmname f5ve001 -vmnetworkadaptername f5ve001 -nativevlanid 1

     

    It works.

     

    mkinder