Forum Discussion

adiezma_1656's avatar
Icon for Nimbostratus rankNimbostratus
Dec 28, 2011

Problems about mac-masquerade implementation



we suspect that we´re having mac-masquerade problems on our Production F5.

I explain the problem:




1-We created a new vlan on our f5.


2-After this, we configured a mac-masquerade* on it.


3-Then, we configured a physical IP address (self-ips) and fa loating one for this vlan.


4-Finally, we executed pings from a PC, placed on this new vlan, to the floating ip address, and it didn´t work.


5-After testing several changes on F5 configuration, we changed the mac-masquerade, and..... surprise!!!!! it worked!!!!!....


6-Besides, we changed mac-masquerade again to the first mac-masquerade* and .....


it went on working!!!!




Would you mind helping us to find a reasonable explanation?....









A. Diezma.




Additional clue: We executed "tcpdump" on F5 and we saw the message "....(oui known)"...or something like that. Sorry for the mess, but we couldn´t capture the result of this command :-(






3 Replies

  • Hi,



    Which MAC address did you pick?



    sol7214: Configuring MAC masquerading




    sol3523: Choosing a unique Media Access Control (MAC) address for MAC masquerade




    Did you clear the ARP cache on connected switches when you enabled masquerading?




    Mac-masquerade= 0:1:0:2:31:8



    Yes, we cleared the ARP cache on connected switches when you enabled masquerading.



    Best Regards



  • OUI unknown just indicates that the first half of the MAC address wasn't recognized by tcpdump. I don't think that is a factor in the issue.



    I imagine the best way to troubleshoot this would be to retry the process during a maintenance window. You could open a proactive case with F5 Support to have an engineer on a Webex while you test.