Forum Discussion

Dave_Mehlberg's avatar
Jul 22, 2024

R-Series Tenant - Need to change Vlan tag

I need to change all of the vlans on my LTM-tenant (15.1.10.4) - The changes are on the tag not the name - I need to keep the names the same and change the tag numbers.  [ vlan Core 1978 to vlan Core 978 - about 13 vlans total ].

Put the tenant in provisioned mode.

Started by deleting the vlan in the Host f5OS gui (removing the vlan from the LAG and the tenant - then deleting the vlan).

Then created a new vlan with the same name and different tag.  Then added the vlan to the LAG and tenant.

Deployed the tenant. 

R-Series LAG and tenant setup looks perfect.  

Tenant still has the old vlan.

Found instructions for this procedure which include deleting the vlan from the tenant - which results in the error -- Cannot delete Resource vlan - because Virtual Server references it  --  or something like that...

 

 

-Dave Mehlberg

 

 







 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  • What seems to work without affecting anything else is changing the tag in the bigip_base.conf file and reloading system.

  • What seems to work without affecting anything else is changing the tag in the bigip_base.conf file and reloading system.

  • Hello Dave, in my opinion the quickest thing to do would have been rewriting VLAN tag in the F5OS tenant, I'm pretty sure you can do it via command line. This way, every object that references the VLANs that are already configured wouldn't have required any change.

    Since you've removed VLANs from the tenant already, then you'll need to manually look for objects that still reference the old VLANS, and then update the configuration to reference the new vlan.

    You're likely to find them in these objects:

    • Every SELF-IP in the "Network > Self IPs" menu that was referencing the old VLANS must be updated to match one of the new VLAN names
    • There might be some VLAN-restricted Virtual Servers that requires updates (quickest way to find them would be CLI command: tmsh list ltm virtual all vlans ). If this is your case, you'll need to modify the "Enabled Vlans" list excluding the old objects
    • When you're done with these two steps, try deleting the VLAN object from Network > VLANs menu. If it still won't let you do it, 
    • There might be some other objects as well that reference those VLANs in the config file, after you "fixed" the two points before, try running this CLI command: more /config/bigip.conf | grep "VLAN_NAME" -B10 to see what object it is and go fix it 
    • Dave_Mehlberg's avatar
      Dave_Mehlberg
      Icon for Cirrus rankCirrus

      The original VLAN still exists on the tenant.  When I tried to delete it, I received an error.

       

      Knowing that, should I try to change the VLAN using CLI and modify the Bigip_Base.conf  file?

       

      Dave

      • CA_Valli's avatar
        CA_Valli
        Icon for MVP rankMVP

        Hello Dave, 
        sorry, I meant: since you deleted vlans from the Host already. Since it's the Host that pushes VLANs to configured tenants, you don't need to edit bigip_base.conf file on the tenant, networking configuration will be automatically passed by the F5OS hypervisor. 

         

        Since now the host has correct VLAN configuration, and new VLANs have been pushed to the tenant, I believe the easiest way to resolve this issue will be matching the "correct" VLANs on network objects.

    • CA_Valli's avatar
      CA_Valli
      Icon for MVP rankMVP

      Actually -- try and run the last command anyways, because if VLAN name is referenced in iRule syntax BIG-IP will let you delete the object it but your code won't match anymore