Shripaty
Jun 23, 2020

Vlan Addition for virtual subnets

Hi,

I am trying to configure multiple VLANs for virtuals, with the gateways for those VLANs hosted on a switch virtual interface. I wanted to route the traffic from each virtual VLAN to the backend members through their specific gateway. Is there a way to declare the default gateway individually for each specific VLAN?

Whenever I try to add the default route for the VLANs configured on the LTM, it gives me a message saying Implied Route is there. I am not sure; I was not able to find out the route by which the self IP address will be communicating to the pool members.

vlan 123 -- 10.1.10/24 -- 10.1.12

vlan 234 -- 10.1.2.0/24 --10.1.2.2

vlan 456 -- 10.1.3.0/24 --10.1.3.2

I wanted to point the virtual subnets specifically to their default gateway but I am not able to do so. Is there a way?

7 Replies

  • Where you are using static or default routes then you can only create a single default route, though you can create multiple static routes via each subnet. For instance, if you have pool members in the range 10.2.0.0/16 via vlan 123 then you can add that route but you can't have multiple default routes. Of course you can use different route domains so that you have separated networks and routing, in which case you have a route per RD. You can also use dynamic routing if you want to have a more complex routing setup without having to maintain static routes. You can also set the nexthop via iRule.

    Regarding incoming traffic, autolasthop means that it will always go back to the device from which it arrived so you won't need those routes. It is common to just have a default route to enable the BIG-IP to be able to get to the pool members.

  • So my doubt here is that the monitoring will be done via the self IP of the VLAN for which I have declared the default route.

    Is there a concept of multiple default gateways? I tried to add the default gateway in a pool and then point the same through the default route, but I am confused about how the tmm decides which self IP will be communicating to the backend pool members for monitoring purposes.

    • PeteWhite (Employee)
      Hi Shripaty, There are separate routes - you specify the destination and the gateway. However, this can lead to a large number of complex routes which are difficult to manage, so you can use dynamic routing such as OSPF which will manage those routes. Or you can use a default route and send traffic through one vlan. If you want to have separate default gateways then you can put the nodes into different route domains and have a different default route per route domain.
  • So, it means we cannot have multiple default gateways for F5 which can be used specifically for the VLANs configured for virtuals (listeners), so that the self IP of each VLAN tries to communicate to the backend pool members via the default gateway configured specifically for that VLAN on the next hop of the switch virtual interface.

    I was trying to configure separate routes for each of the VLANs but then it gives me a message that Implied Route is already present for that VLAN. So I am wondering whether the backend traffic will still be monitored from only one VLAN rather than each VLAN specifically. Also, one more suggestion: if I create multiple VLANs for virtuals but the backend traffic passes through only one VLAN default route, will that create asymmetric routing? Actually I am messed up with this architecture.

    • PeteWhite (Employee)
      Hi Shripaty, Yes, you can have multiple default gateways - with multiple route domains. If you don’t want to do that then the rules of IP are that a default route is a default and will be used in the absence of other routes, but you can add static routes as well. To be honest, if you are struggling with the IP side of this then you may want to engage Professional Services as it could be easy to get this part wrong.
  • I wanted to add a static route for all the VLANs rather than the default gateway pointing to one of the VLANs. I tried to add the default gateways in a pool, with all the members of the VLANs added in a pool and monitored by a Gateway ICMP monitor, and adding them as the default gateway, but how does that take preference from tmm? Also, the current architecture is that we have only one VLAN declared on the F5 with its self IP, and the rest of the subnets are just pointed to the default gateway of that VLAN on the switch virtual interface.

    Moreover, I wanted to change this structure of having all the traffic traversing through one VLAN to multiple VLANs for virtuals.

    • PeteWhite (Employee)
      Do that then - add routes to the servers via the vlans. Or use a default route with multiple gateways, in which case you will have equal cost multipath load balancing over the gateways. The other thing you have to understand is that there is tmm routing and there is system routing such as for monitoring.
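
The route selection discussed in this thread, as an added example that is not part of the original posts and is not F5 code: a generic longest-prefix-match model showing why a route to a directly connected subnet is rejected, why one table holds one default route, and how separate tables (route domains) each carry their own. The self IP host addresses (`.5`), the route domain numbers, and the treatment of the connected subnet as the "implied" route are assumptions.

```python
import ipaddress

class RouteTable:
    """One routing table (one route domain): connected routes plus static routes."""

    def __init__(self):
        self.routes = []  # (network, gateway or None if connected, vlan)

    def add_self_ip(self, cidr, vlan):
        # Assumption: a self IP makes its subnet directly connected (the "implied" route).
        self.routes.append((ipaddress.ip_interface(cidr).network, None, vlan))

    def add_static(self, network, gateway):
        net, gw = ipaddress.ip_network(network), ipaddress.ip_address(gateway)
        for n, g, _ in self.routes:
            if n == net:
                kind = "implied (connected)" if g is None else "static"
                raise ValueError(f"{kind} route to {net} already present")
        # The next hop must sit on a connected subnet; that subnet decides the egress VLAN.
        vlan = next((v for n, g, v in self.routes if g is None and gw in n), None)
        if vlan is None:
            raise ValueError(f"gateway {gw} is not on a connected subnet")
        self.routes.append((net, gw, vlan))

    def lookup(self, dest):
        addr = ipaddress.ip_address(dest)
        hits = [r for r in self.routes if addr in r[0]]
        if not hits:
            return None
        net, gw, vlan = max(hits, key=lambda r: r[0].prefixlen)  # longest prefix wins
        return ("connected" if gw is None else str(gw), vlan)


def single_table():
    t = RouteTable()
    t.add_self_ip("10.1.2.5/24", "vlan234")   # constructed self IPs
    t.add_self_ip("10.1.3.5/24", "vlan456")
    t.add_static("0.0.0.0/0", "10.1.2.2")     # the one default route
    t.add_static("10.2.0.0/16", "10.1.3.2")   # specific static route via another VLAN
    return t


def per_route_domain():
    domains = {}
    for rd, cidr, vlan, gw in [(1, "10.1.2.5/24", "vlan234", "10.1.2.2"),
                               (2, "10.1.3.5/24", "vlan456", "10.1.3.2")]:
        t = RouteTable()
        t.add_self_ip(cidr, vlan)
        t.add_static("0.0.0.0/0", gw)         # each domain has its own default
        domains[rd] = t
    return domains
```

In the single table, only destinations covered by the 10.2.0.0/16 static route leave via vlan456; everything else that is not directly connected follows the one default via vlan234.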