LTM VE Deployment limited VLANs
Hi, I need to deploy a pair of LTM VE appliances in HA in an internal environment. The problem is, i am told there are only 2 VLANs available on the deployed virtual switch I would be using, and I need to deploy MGMT / HA / Internal. This seems a bit mad but I believe a previous employee deployed the VM environment and there are concerns about expansion ( I won't go into the obvious lack of planning at the outset here!).
As HA is just for chat between the 2 x F5s themselves, I was thinking of using a separate non routable subnet for this though utilizing one of the available VLANs used for MGMT or Internal. Would this kick up an error due to same VLAN being used or does the F5 just check assigned IP address/subnet?
Thanks in advance
Hi,
It's not a big problem for f5 devices. Of course it's better to have a separate VLAN for each traffic: MGMT, HA, DMZ, External, etc. But if you can't, that's not a big deal, big-ip DSC cluster can work with those two VLAN also. You can use Internal VLAN for Config-Sync and for HA you can use either MGMT or the same Internal VLAN.
Also, you can create any non-routable subnet/VLAN and give IPs from that range for HA and if those Virtual Machines are located on the same ESXi host, they'll still be able to see each other, as there's no physical network involved. Just pay attention to port lockdown feature, as you need (if I'm correct 1026/UDP for failover).