I am setting up a pair of 5200V vcmp appliances, I would be required to create 2 virtual context of the LTM to separate the traffic between 2 entity.

Use Routing Domains in the vCMP guest.. make sure 3 RD, 2 on the Front-end and 1 for back-end.. You can use the same VS IP addresses, but with other routing ID instance..

If you have 2 seperate vCMP guest (instance) The fysically connection depense how you configure. Normally you tagged the vlans in teh vCMP hosts.. and set it to the guest systems..

Here's one way:

Assumptions: 1. Both vcmp guests on the 5200v will be on different vlans or at least will not be using the same IP space (if you do, you will need to do route domains)2. You have a Nexus switch active-active setup.

On the 5200v you can setup a LACP trunk connection with an interface going to each of the nexus switches. Do the same on 2nd 5200v (mesh design) On the 5200v Host(hypervisor) gui interface, you will setup your LACP trunk to send tagged vlan traffic for each vlan that will be coming into either one of your Vcmp guests. Then when you create your seperate vcmp guests using the host GUI interface, you will share the needed vlans to each of your vcmp guests as needed.

Thank you Nathan for your reply, i really appreciate for providing the valuable answer to my query

your time on this your 1 st assumptions is correct.

could you please clarify on below

1. if i use the LACP with TRUNK and carry both the VLAN over it, will it act a different network only (i know yes but better to take opinion on this as it is first time for me on VCMP) ? As requirement says there should not be any kind of interaction between the Vcmp guest and traffic should be separated .. Edge network is also designed in same way, on FW router and on Nexus 7 K multiple context are created for traffic separation.

    

2. What if Nexus switches are not in active-active and they are in active-standby, Should i still go with Mesh design or other best approach is there.

    

Can you please help me with any specific design guide/diagram for this kind of deployment.

The host (hypervisor) has both vlans coming into it, but at the VCMP guest level you only share the specific vlans with the vcmp guest that needs them. This way external vlans for both vcmp guests are separated. If you are doing active standby on nexus switches, you can still do the mesh since the F5 will see the interface to the standby switch as down until switch goes up as active.

Thank you Nathan,

Can please advise something on the DSC also in 5200v for HA setup..

I am planing Sync-Failover device group set up for active-standby DSC configuration. Two device group will be created like with 1 active on one of the devices in the device group and is in a standby state on a peer device. If failover occurs, the standby traffic group on the peer device becomes active and begins processing the application traffic.

Will this work in Full mesh topology without any issue or Do i need to consider anything else for proper failover.

Thank you Nathan,

Can please advise something on the DSC also in 5200v for HA setup..

I am planing Sync-Failover device group set up for active-standby DSC configuration. Two device group will be created like with 1 active on one of the devices in the device group and is in a standby state on a peer device. If failover occurs, the standby traffic group on the peer device becomes active and begins processing the application traffic.

Will this work in Full mesh topology without any issue or Do i need to consider anything else for proper failover.

This should work as long as your nexus switches are setup properly for vPC

Hello All,

Is there is a way we can assign a specific interface to a particular VCMP instance for traffic segregation. 5200v has 8 10 Gig interface and 4 vcmp instance, i want to assign 1-2 to vcmp1, 3-4 to vcmp2, 5-6 to vcmp3 and 7-8 to vcmp4. If this is doable then will it be more complex to maintain?

Any working topology and steps for VLAN assignment and segregation will be gr8 help.

In cisco Nexus VDC Environment each VDC (instance/context) will have dedicated interface.

Thank you

Is there is a way we can assign a specific interface to a particular VCMP instance for traffic segregation.

isn't it done when assigning interface to vlan in vcmp host?