VLAN group

If you think about firewall load balancing for example, and you want to deploy a load balancer "transparently" between routers and firewalls that sits in the same VLAN, within the same IP range, and for a reason, you don't want to split the subnet or rearchitecture (i have seen customers doing BGP/OSPF here, and don't want to involve the F5 in the dynamic routing process). All the traffic that is crossing the load balancer is sent to destination IPs that are not the firewall, but servers behind the firewalls. So in that case, you just need to load balance "MAC adresses" as the "nexthop" for the load balancer, and not touch at the IPs (source or destination). It is not making sense in most of the cases to have the load balancer do something different than load balancing the firewalls. And because you don't have an option to sit in the L3 path, then you have to do it in L2 (or "transparent at L3). This is one of the reason why L2 Load Balancing exists (same for Cache load balancing for example). For the second point, you can do it with VLANGroups WITHOUT SNAT. In some cases, it is not allowed to NAT the client IP. So putting clients on a VLAN, and servers on another VLAN, the BigIP is acting then as a "bridge" for both of them (you can here select with "transparent", "translucent", ... ho the system behave when managing the MAC adresses by rewriting part of them or not). HTH