Forum Discussion
Nimbostratusone arm mode deployment
Hi,
I need to draft a solution document where we have multiple server vlan and need to deploy F5 ASM in one arm mode since customer doesn't want to change the default gateway of servers.
please correct me if wrong anywhere regarding one arm mode deployment:
as a quick notes on configuration piece: * need to have all vlans ID which needs to be introduced in F5 * self ip of each vlans * floating ip of each vlan( in case active-standby) * one physical interface of F5 will be trunk interface which will have all these server's vlan from core switch * accordingly define SNAT for all respective VS
appreciate for an early response.
Regards Prak
Amine_KadimiMVP
1st option, F5 in one arm mode: you only use one VLAN on F5 (not counting HA), and a default gateway which is the firewall or L3 switch. F5 will reach all the servers through its routing table. This is easy to put in place, you don't need to configure VLAN tags on F5, and this is more commonly used as per my experience.
2nd option, F5 in mulitple one arms mode: exactly as you said. In this case, I don't rely on SNAT automap but create for each VLAN a SNAT pool containing the self IP of the egress VLAN, and eventually if you want to use MAC masquerading in a clean way, you should create a traffic group with an overriden virtual MAC for each VLAN and use that traffic group for the Virtual addresses. A painful solution when you have an easier choice.
Harry1I think it should work .i mean trunk for multiple vlan with single interface and define selfip of each vlan.only need to take care is vlan-keyed setting.