Forum Discussion
Have you considered using route domains? If you put the server vlan and internal vlan in different route domains, the F5 BIG-IP will not route traffic between both VLANs internally when using the default route domain settings.
- GajAnnaJul 14, 2019Nimbostratus
Thanks Niels for pointing this out.
I did consider using a seperate RD for the server vlan however was not sure if LTM can route traffic via the external vlan which is part of the default RD 0 anyway. Example, can LTM route the RD 1 traffic via the RD 0 external vlan (defualt external gateway) or any specific config required on the RD1 to achieve this?
Also the nodes in the server VLAN has a virtual server VIP for incoming traffic for an application. Moving server vlan to another RD will have an impact on this too?
Regards,
- Jul 14, 2019
It's probably best to have each route domain connected to the upstream router/gateway directly. I think in this setup using parent route domains will not work, because then the F5 will again route the traffic internally. These are things that are best to tested in a test environment before making changes on the production environment. Then you also get an idea what the impact will be on the current setup.