Forum Discussion
palekafa_69933
Nimbostratus
NimbostratusSelf IP and Mgmt IP Question
Scenario is that we have a class B network with one VLAN ( flat VLAN ). I cant configure the Mgmt IP and the Self IP ( as it shares the network ).
Questions:
1) Apart from creating another VLAN ( our network bit is outsourced so takes ages for these kind of requests ) , is there any other way out?
2) Why does it not allow for mgmt IP and self IP to be on the same network ( e.g mgmt ip = 10.161.10.xxx and I try and give a self ip of 10.161.153.xxx will not work with 255.255.0.0 subnet )
Thanks
24 Replies
- The_BhattmanActually you can manage the devices from the self-IP address. You just need to set the port lockdown to "allow default" where the self addresses are defined.
Hope this helps
CB 
palekafa_69933I think you misunderstood the question. Having given the LTM a management IP ( say 10.161.10.1 when I try and add a self IP say of 10.161.153.1 ) it wont allow me to as it shares the same network ( IP shares the network with mgmt ip error ). i.e mgmt port cant be on same network as load balanced traffic.
Hence I was asking if other than create a diff VLAN and put mgmt IP on that, is there another way round this?- palekafa_69933any ideas anyone?
hoolioCirrostratus
I think the issue might be that there would be a conflict between TMM which handles the switch ports and Linux which handles the mgmt port. I don't remember ever getting a clear explanation of this restriction though.
I have a faint memory that it's possible to configure the SCCP on the same subnet as a switch port, but I don't know if F5 officially supports this. You could then SSH to the SCCP and access the serial console. It wouldn't allow you to get to the GUI though. No GUI access could be a key issue if TMM is down (which can happen if the config fails to load, license isn't valid, etc). In that case, you wouldn't be able to access the BIG-IP from the switch ports.
You can get more info on the SCCP and configuring it with an IP address in these two solutions:
SOL3454: Overview of the SCCP
https://support.f5.com/kb/en-us/solutions/public/3000/400/sol3454.html
SOL3753: Configuring the switch card control processor so that it can be accessed over the network
https://support.f5.com/kb/en-us/solutions/public/3000/700/sol3753.html
Aaron- palekafa_69933Thanks Aaron. Long time btw. Looks like I have to get that VLAN sorted to put the mgmt port on it. GUI is needed as well as console ( for obvious reasons ).
There is no other way out is there?
Regards
Fahd - The_BhattmanWhen you say you have one VLAN does that mean your entire network, this includes user traffic and server traffic are all entirely in 1 vlan or just what has been given to Load balancer ONLY.
Thanks,
CB - hoolioHey Fahd,
So you're still in the BIG-IP world? Email me when you have a chance: hooleylists at gmail dot com
Aaron - palekafa_69933Yeah still around so to speak.
This self ip thing doing my head in as I have no control over the networks and as such am a sitting duck!
Will mail ya soon! - The_BhattmanBeing that you are 1 vlan it's possible, not recommended from a network standpoint, to configure the management port to any address you like as so long as the other PC or device is using the same address scheme and mask.
CB - palekafa_69933Thats the problem though. I can configure the mgmt port, but it then will not allow me to configure a self IP.
Error below:
01070392:3: Self IP 10.161.100.xxx / 255.255.0.0: This IP shares a network with the management IP (10.161.10.xxx / 255.255.0.0).
