LTM in one subnet

if you're running all you f5 deployment in the same VLAN then only need one VLAN configured (say Internal) and using a SNAT automap on the VS may help you bouncing the traffic.

 

 

This changes all source address IP address with one Self-IP of the controller thus allowing to route packets through the BIG-IP back to destination without breaking the TCP session.

 

 

Working in the same IP network but configuring two VLANs on the BIG-IP, internal and external, it's an other way to deploy LTM. The thing you do here is to create a VLAN GROUP where you associate both internal and external VLANs. The thing that LTM uses in this case instead of changing source IP, is the change of the source MAC. For this deployment you have to connect servers directly on VLAN internal (for example) and users on vlan External. This way, even when servers and users are on the same subnet, LTM separates them at layer 2 level. I have tried this configuration with a LTM standalone and works great. However, once the LTM is configured this way, HA network failover would work.

 

 

Look at ask F5 dor v9.x document named BIG-IP Implementation and you'll find interesting information.

 

 

Good Luck!

 

 

HHeredia