LTM One-Arm - inline - 2 Arm

Question

I have worked with several different vendors in terms of load balancer's and each seem to have different terminology. Can someone please point me to an F5 document that defines what each of the configurations I have listed above are ...&nbsp;
&nbsp;I would like to understand exactly what this means when referring to the LTM. There seems to be variations even within these categories...&nbsp;&nbsp;
&nbsp;Thanks
&nbsp;Andy&nbsp;

the_bhattman · Answer

Hi Andy, 
&nbsp;   Ask.f5.com has a LTM implementation guide which shows you the common implementations of the LTM. There are terminologies and concepts defined. 
&nbsp;  
&nbsp; Here is a link  
&nbsp;  http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm_implementations_guide_10_0_0.html 
&nbsp;  
&nbsp; I hope this helps 
&nbsp; Bhattman

andy_12_5042 · Answer

great thanks. I think the issue is I was trying to use "generic" terms in my search of ask f5 which don't match the terminology that F5 uses to define a specific design type.

andy_12_5042 · Answer

so let me ask this question to make sure I interpret something correct. I have a design where the LTM has private backend vlans (self-ips) that the different pool members belong to. There is also a public vlan(self_ip) which the Virtual server ips are placed in. I am using SNAT to allow self originating requests back to the internet from a given pool member. 
&nbsp;  
&nbsp; Each node used the F5 self ip as a default gateway. What would you refer to this type of design as?  
&nbsp;  
&nbsp; thanks

nitass · Answer

Each node used the F5 self ip as a default gateway. What would you refer to this type of design as? 
&nbsp; i would call either basic or two-armed deployment.

l4l7_53191 · Answer

Andy: Here's the way I think about it. &nbsp;
&nbsp; 1) In line, routed mode. That's the scenario you just described. If your servers point to the BigIP as a GW then it's routing the traffic, hence the term.  
&nbsp; 2) One-armed: the virtual servers and the pool members are on the same VLAN. In this deployment you need SNAT to force the source to look like BigIP and keep the flows symmetric.  &nbsp;
&nbsp; Note: you can have combinations of one-armed and routed mode on the same box, across many vlans. So it helps to ask two questions: 
&nbsp; 1) Does the host route via BigIP? If yes, you're in-line, routed mode.  
&nbsp; 2) Does the host live on the same VLAN as the Virtual Servers? If yes, you're one-armed. &nbsp;&nbsp;To me terms like two-armed etc. are more confusing than they are worth because it's common to have several or many VLANS involved in a BigIP deployment. So it helps me to think in terms of service flow and ask questions like above to help figure out what those flows will do in a particular scenario. &nbsp;
&nbsp; Hope this helps. 
&nbsp; --Matt&nbsp;&nbsp;

Forum Discussion

LTM One-Arm - inline - 2 Arm

5 Replies

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

One-Arm Mode Migration

SSL Orchestrator Advanced Use Case: One-Armed Mode

SNAT is not working in a one-arm configuration.

one-arm scenario, external network?

One-Armed Mode

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS