For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Arunprabhu_1147's avatar
Arunprabhu_1147
Icon for Nimbostratus rankNimbostratus
Apr 21, 2014

Multi tenancy design, Route domain

Dear Techies,   For Cloud design The following are the design options considered for the Implementation of F5. we have F5 1600 having Four Gigabit Copper Interfaces.   Creation of three Admi...
cloud
design
virtualization
What_Lies_Bene1's avatar
What_Lies_Bene1
Icon for Cirrostratus rankCirrostratus
Apr 23, 2014

A few questions so I fully understand before I comment;

 

  1. Are the switches just operating at L2 (all the L3 is on the firewall and/or F5) or do they have a L3 interface for each 'internal' VLAN too?

     

  2. Rather confusing the VLANs are nearly all called Internal, shouldn't 201 onwards be called external?

     

  3. I assume you have static routes in place on the firewall for the VIP ranges, pointing to the F5?

     

  4. VRFs operate at layer three don't they? If the switches don't have L3 interfaces surely there is no need for VRFs? I could be wrong, it's been a while since I've used them. Or is there a need to absolutely have a routed subnet for every tenant regardless, even if the seperation is just via VLANs?