Forum Discussion

minheo's avatar
minheo
Icon for Nimbostratus rankNimbostratus
Jun 11, 2025
Solved

Multiple Default Gateways

Hi,

 

I have a question regarding default gateway configuration. Please refer to the following setup:

 

 

We currently have an L4 HA device setup (R2600) in Active-Standby mode, and both units are in the same subnet. The default gateway is set to 192.168.1.1, which is a VRRP address on the L3 side.

 

Since F5 devices synchronize route configurations across devices during config sync, any change to the routing table is applied to both units.

 

Given this, is it possible to configure different default gateways per device in an F5 HA pair? Specifically, I would like to set each unit's default gateway to the real IP of a different L3 device:

 

Default GW for L4 #1: 192.168.1.2

 

Default GW for L4 #2: 192.168.1.3

 

I'd like to hear the opinion of experts on whether this is possible and if there is a supported way to achieve this.

 

Thank you.

announcement
gateway
ha
  • f51's avatar
    f51
    Jun 11, 2025

    Hi minheo​ 

    It is not possible or supported to configure different default gateways per device in an F5 HA pair (BIG-IP tenants on rSeries/F5OS). The default gateway must be the same on both units, and any change will be synchronized across the HA pair. The supported method for gateway redundancy is to use a floating IP (VRRP/HSRP) on the upstream L3 device.

     

3 Replies

  • f51's avatar
    f51
    Icon for Cumulonimbus rankCumulonimbus
    Jun 11, 2025

    Hi minheo​ 

    It is not possible or supported to configure different default gateways per device in an F5 HA pair (BIG-IP tenants on rSeries/F5OS). The default gateway must be the same on both units, and any change will be synchronized across the HA pair. The supported method for gateway redundancy is to use a floating IP (VRRP/HSRP) on the upstream L3 device.

     

  • Mike12345's avatar
    Mike12345
    Icon for Altocumulus rankAltocumulus
    Jun 15, 2025

    Assuming you're trying to optimise traffic flow in the event of the primary F5 failing.

    Lets assume you run HSRP/VRRP as your HA protocol on the LAN. Then you could set up IP SLA L3#1 to track the availability of L4#1 (.5)
    L3#1 sends PING request to L4#1 (.5). If the responses stop then the IP SLA object is set to false. This will then trigger :3#1 to lower its HSRP priority and L3#2 will take over ownership of the .1 IP address.

    You can also use the IP SLA tracking object to change the OSPF / BGP metrics so that traffic will prefer to route to L3#2 in the reverse direction.

    Its not a complex operation. just have a chat with your friendly neighbourhood network engineer.