Adding a network interface to a Big-IP VE?
I have a Big-IP running v14.1.4.6 and need to add another network interface. At the moment, interfaces 1.1, 1.2 and 1.3 are configured, but I see no option in the GUI to add a fourth. According to the server team folks there's a fourth network adapter configured (in VMware, I believe), but I'm at a loss regarding how to create a fourth one on the F5. I did find the command below (modified for what I need) for adding an interface in another post, but was unable to get it to work. tmsh create net vlan vlan103 interfaces add { 1.4 { untagged } } Am I going about this the wrong way? It's odd that adding an interface can't simply be done via the GUI. Thanks!Solved2.3KViews0likes2CommentsvCMP logical interfaces throughput
Hello, we currently have 2 BIG-IP 15800 each one connected with 2 100Gb interfaces. So i have a guest vcmp with 8vCPU and 8 logical interfaces 0.1, 0.2, 0.3 and so on to 0.8. In the cli-console or at my zabbix those interfaces are detected as 10Gb each, and i can see traffic in all of them... My question is, are those virtual interfaces capped at 10Gb ? Or in another words, how much bandwidth do i have on this vCMP?Solved2.1KViews0likes6CommentsDisable specific interface via iControl?
Hi Can we disable specific interface via iControl? ie when F5 failover. (status change from Active to standby , ) I want monitoring tool to send icontrol command to disable some interface on F5 standby unit. we have problem with BGP peering which router still peer with standby unit so I need to disable that Interface. Kridsana419Views0likes1CommentLoadBalancing cases
Hi Guys I try to make a high availability test, 1. I test with the option 'Force offline', the traffic is loadbalanced to the peer. 2. However, the traffic don't pass to the peer F5 when: a) I put the F5 interfaces down (WebGUI), b) I forced offline the pool member. Is it a normal behaviour? Should be the same if I put the switch trunk off? Thanks in advance.Solved409Views0likes4CommentsSetting up Self IPs, VLANs and interfaces properly
I am with a division of a much larger organization. The larger organization has a layer 3 firewall that all the divisions sit behind. We have some public-facing web servers that we are going to be standing up in a virtualized environment in our division and I've been tasked with standing up the BIG-IP F5 in front of our network to protect these sites. I have experience with Cisco and Palo Alto firewalls, but am getting confused on the way the F5 is set up and works. I imagine some of that confusion is that we are using the Virtual Edition of the BIG-IP rather than a physical appliance like I'm accustomed to. So I was wondering if someone could help me understand how to work with the self IPs, interfaces and VLANs to get traffic flowing. As I mentioned, the organization's layer 3 firewall is the border security appliance. It will take the public IP of our web server that a client is trying to reach and NAT that to an IP that is in the IP range of our external VLAN on the F5. Then the traffic will hit the F5 where a virtual server "listens" for traffic going to that IP range and sends that traffic to the web server which sits on an internal VLAN in a different IP range. I'm just trying to understand in a simple, step by step fashion, how I would walk through that process of creating the proper self IPs, interfaces and VLANs. What do I set up first, then next and so on? Let's say that the IP range of my external VLAN is 10.10.10.0/24 I have two internal VLANs. One has an IP range of 10.0.0.0/28 and the other is 10.0.1.0/28 Any help would be greatly appreciated and feel free to ask questions if I've left anything out.406Views0likes4Comments3rd interface on BIG-IQ VE
Hi, on my BIG-IQ VE 5.1 I have 3 VMXNET3 network adapters. CLI command ifconfig shows all interfaces (eth0,1,2) but if I connect over the Web GUI I can see just interfaces 1.1 and 1.2 Is it possible to use the 3rd interface as well and assign another VLAN to this interface. Unfortunately I couldn't find any instruction how to do it? Thank you in advance. Reg. Janus378Views0likes3CommentsIs it possible to rename interfaces on BIGIP Virtual Edition? Other network interface questions.
Hello, I have created a KVM based VM of BIGIP 12.0.0 using the Virtual Edition qcow2 file downloaded here which I am using to do development work on. The problem is the interfaces that are created are all numbered 1.x. (ie. 1.1 through 1.8) The ucs file that I am exporting from our 5250 has not only interfaces 1.1 through 1.4 but also 2.1 through 2.8. Question 1: Is there any way to force the VM's interface names so that we can directly export ucs files from the physical 5250's so they can be imported without unpacking and manipulating the /config/bigip_base.conf and other files to accommodate the Virtual Edition's interface names? I've tried configuring the interfaces on the VM with different pci slots, multiple interfaces on the same pci slot with multifunction turned on, different domains and different busses. None of this altered the naming of the interfaces. Question 2: What is the maximum number of interfaces on the Virtual Edition VM's? I can only seem to get three interfaces but we utilize all 16 interfaces on the physical 5250's. Is it possible to add more than 10? Question 3: What is the proper terminology for the type of interfaces I am referring to? The physical interfaces appear to be in ethX format, what does F5 refer to these 1.x, 2.x, etc. interface names as? Virtual interfaces? I'm trying to associate these interfaces to something I'm more familiar in working with but I cannot seem to find where or how these interfaces are created. Thank you. Shawn344Views0likes2CommentsMAC address masquerade configuration for multi-VLAN trunk interface
I've got a 2-device LTM cluster with a 2-port LACP-bundle trunk that has several VLANs on it, and I'm looking at deploying MAC masquerade. Currently, the LTM cluster does not have masquerade configured. I've been looking at https://support.f5.com/kb/en-us/solutions/public/13000/500/sol13502.html for configuration instructions. Do I only need to set a single virtual MAC, or do I need to specify a virtual MAC for each VLAN? If only one, will it iterate through virtual MACs for each VLAN like it does with the predefined MAC addresses? Or will it end up using the same MAC address for each VLAN? For example, currently, the (anonymized) MAC address for the eth0 interface is: eth0 Link encap:Ethernet HWaddr DE:AD:BE:EF:00:01 But each VLAN IP interface has a VLAN-specific MAC address that's the same as the base eth0 MAC address with a different last byte. I.e.: MYVLAN1 Link encap:Ethernet HWaddr DE:AD:BE:EF:00:07 MYVLAN2 Link encap:Ethernet HWaddr DE:AD:BE:EF:00:08 MYVLAN3 Link encap:Ethernet HWaddr DE:AD:BE:EF:00:09 MYVLAN4 Link encap:Ethernet HWaddr DE:AD:BE:EF:00:0A If I configure my LTM and go to Device Management->Traffic Groups->traffic-group-1 and enter 2B:AD:BE:EF:00:01 in the "MAC Masquerade Address" field, will my interface MAC addresses be like this? eth0 Link encap:Ethernet HWaddr 2B:AD:BE:EF:00:01 MYVLAN1 Link encap:Ethernet HWaddr 2B:AD:BE:EF:00:07 MYVLAN2 Link encap:Ethernet HWaddr 2B:AD:BE:EF:00:08 etc or will each VLAN have the same virtual MAC, like this: eth0 Link encap:Ethernet HWaddr 2B:AD:BE:EF:00:01 MYVLAN1 Link encap:Ethernet HWaddr 2B:AD:BE:EF:00:01 MYVLAN2 Link encap:Ethernet HWaddr 2B:AD:BE:EF:00:01 Thanks!334Views0likes1Comment