Forum Discussion
jas1066uk_33769
Nimbostratus
NimbostratusUse F5 LTM for both DMZ and Prod load balancing?
Hello all,
We have budget constraints were we have two F5 LTMs (redundancy pair). What is the best way to load balance prod traffic and DMZ traffic ie to keep them separate. Can the F5 loadbancer support vlans? The F5's will be behind a firewall (inside has prod vlans and DMZ vlans (IntTRAnet traffic)).
Thank you for any info
Jas
Jas,
Yes, you can do this with your F5 cluster. And yes, F5 supports VLAN.
Just create two partitions within de configuration for PROD and DMZ. Add all objects (nodes, pools virtual servers, self IP and float IP) in the correct partitions and you have separated the traffic.
You can even create two route domains if the PROD partition needs a different route table.
Look for the BIG-IP TMOS: Routing Administration manual on the F5 website for Route Domains and VLAN's and check " Administrative Partitions" on the F5 website.
DevCentral also provides a lot of information about these subjects.
Good luck. Martijn
RaghavendraSY_7Cumulonimbus
Yes F5 device supports multiple VLAN's. You can configure separate VLANs and route them through route domains.
Please refer below links:
Network Configurations on F5:
- Enable Interface
- Configure VLAN and tag interface
- Configure Self IP and call VLAN
Please follow above steps to configure network functions on F5. Please let me know any more information is required
jas1066uk_33769Thank you Raghavendra
RaghavendraSYAltostratus
Yes F5 device supports multiple VLAN's. You can configure separate VLANs and route them through route domains.
Please refer below links:
Network Configurations on F5:
- Enable Interface
- Configure VLAN and tag interface
- Configure Self IP and call VLAN
Please follow above steps to configure network functions on F5. Please let me know any more information is required
- jas1066uk_33769
Thank you Raghavendra
- MvdG
Cirrus
Jas,
Yes, you can do this with your F5 cluster. And yes, F5 supports VLAN.
Just create two partitions within de configuration for PROD and DMZ. Add all objects (nodes, pools virtual servers, self IP and float IP) in the correct partitions and you have separated the traffic.
You can even create two route domains if the PROD partition needs a different route table.
Look for the BIG-IP TMOS: Routing Administration manual on the F5 website for Route Domains and VLAN's and check " Administrative Partitions" on the F5 website.
DevCentral also provides a lot of information about these subjects.
Good luck. Martijn
- jas1066uk_33769
Thank you Martijn
Martijn_144688Cirrostratus
Jas,
Yes, you can do this with your F5 cluster. And yes, F5 supports VLAN.
Just create two partitions within de configuration for PROD and DMZ. Add all objects (nodes, pools virtual servers, self IP and float IP) in the correct partitions and you have separated the traffic.
You can even create two route domains if the PROD partition needs a different route table.
Look for the BIG-IP TMOS: Routing Administration manual on the F5 website for Route Domains and VLAN's and check " Administrative Partitions" on the F5 website.
DevCentral also provides a lot of information about these subjects.
Good luck. Martijn
- jas1066uk_33769
Thank you Martijn
