Networking is Still Networking, Integrating your F5 BIG-IP with VMware NSX

A constant question I get when talking with customers is how do I deploy my F5 BIG-IP alongside VMware NSX?  Simple answer:  The exact same way you would integrate with any other switch vendor in the market. 

Today customers can install their BIG-IP into a physical network leveraging existing L2 or L3 infrastructures or a combination of both.  Often times you will find many of our customers using a L2 VLAN between the firewall and the BIG-IP for ingress traffic and many use a L3 routing network to reach back-end servers.  At the end of the day, where you place your BIG-IPs and how they connect to their servers is completely up to you.  The same is true when leveraging F5 BIG-IP and NSX.

 

One of the primary values of NSX is the L2 and L3 services that it provides to a data center. VMware NSX enables network admins to spin up a new L2 collision domain or L3 routing segment with point-and-click ease.  Once your network admin has deployed your NSX Edge Service Gateway (ESG) or your Distributed Logical Router (DLR), then connecting to BIG-IP is as simple as it has always been. To begin production, three main questions should be answered:

  1. Do I deploy a physical or virtual BIG-IP?
  2. Do I want to connect to a L2, L3 segment, or a combination of both?
  3. Where do I place my BIG-IP in relationship to my firewalls routers and existing networking infrastructure to provide the best experience to my customers?

 

With the introduction of network virtualization and NSX the questions remain the same:

  1. Do I deploy a physical or virtual BIG-IP?
  2. Do I want to connect to a VLAN, L3 segment, overlay network, or a combination of all three?
  3. Where do I place my BIG-IP in relationship to my ESGs, DLRs, and applications to provide the best experience to my customers?

 

 

NSX has provided a single pane of glass for the the configuration of your L2 and L3 network segments.  In addition, NSX has given you the capability to extend those L2 and L3 segments across not only a single data center but multiple data centers regardless of the geographic boundaries. NSX provides the same networking infrastructure that we all use today even though the overall configuration of that networking infrastructure and the boundaries may have changed. 

For specific design and deployments instructions please go to:

 

Design Guide

 

Best Practices Deployment Guide

 

Published Aug 28, 2015
Version 1.0
  • Hi , I think there is mistake on page number 22 on the hyper link for doc named “Design Guide” within the Web-VIP , it says VIP=20.20.20.5 , I think It should be on subnet 10.0.1.X/24 , and also load-balanced tiers is missing on the diagram