Forum Discussion

Adam_Asay_6570's avatar
Adam_Asay_6570
Icon for Nimbostratus rankNimbostratus
May 13, 2011

Problems with MAC Masquerading on LTM VE

Has anyone used MAC Masquerading with VE? I have everything working great, and as soon as I enable masquerading on a VLAN I can no longer ping the VIP, or connect to it. I am using the current demo version of 10.1.0 Build 3341.1084.

 

 

  • If anyone is interested in this I found the problem. I needed to enable promiscuous support for the vswitch in esxi.

     

     

    Use of VLAN groups (CR137596)

     

    Use of VLAN groups with BIG-IP Local Traffic Manager VE requires proper configuration of VMware vSwitch or VMware vSwitch portgroup security policies. The Promiscuous Mode and Forged Transmits properties must be set to Accept. By default, Promiscuous Mode is set to Reject. For information on how to configure these options, refer to the vSwitch sections of VMware's vSphere manuals.
  • Hey Adam,

     

     

    Just a quick note to say good man for posting your solution !!!

     

     

    Ive just spent 2 days wailing and gnashing my teeth trying to figure this out on my cluster until I found your gem. As you outlined I enabled promiscious mode on my vswitch and all was well in my F5 world

     

     

    Thankyou !!!

     

     

    Rgds

     

    Tom

     

     

  • Many Many thanks for that one. I would struggle for ages if I did not find this post :)

     

  • 2x Many Many thanks for that one. I would struggle for ages if I did not find this post :)

     

  • Kalo's avatar
    Kalo
    Icon for Nimbostratus rankNimbostratus

    3x Many Many thanks for that one. I would struggle for ages if I did not find this post :)
    didn't know vlangroups also required it and not only for mac masquarade.