Forum Discussion

Nimbostratus

May 06, 2015

LTM setup question

I'm trying to setup a LTM in my network and was curios on the design aspects. Here's mysetup. Firewall ---> Switch ( let's say port to firewall inside is on vlan 100) --> IPS IN port is on VLAN...

Greg_Robinson_1

Cirrus

May 08, 2015

Are you using the F5 inline or in one-armed mode? I use the F5 as a router/gateway for all my server VLANs, so I trunk the "VLAN 200" and all server VLANs to the F5. Then I use the F5 as the gateway to route all server traffic by creating an IP Forwarding VS to handle any non-VIP traffic.

I always use out of band management, as in-line increases your attack surface. I use an out-of-band management network for the F5s, then I create an HA VLAN on the F5s that is RFC1918 unrouted and only allow those HA self-IPs to process the clustering traffic by setting "allow-service default", setting all other self-IPs to "allow-service none". I also create an AFM policy that allow clustering traffic between the nodes and tie this policy to the HA self-IPs. Let me know if you want to see some sample configuration.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)