How to redirect untagged vlan with virtual wire
Hi everyone, I got a request from my customer to redirect the packet with the default pool on the virtual wire environment. Do you have any idea to solve this case? Here is the case: Network deployment is changed to tagged vlan configuration. Currently, LTM is using virtual wire to handle tagged vlan and one of the virtual server should send the traffic to the proxy system with default pool setup. Problem is, even if I set the default pool on virtual server, traffics keep flown to the server. (NAT/SNAT have to be disabled. but even if I enable the NAT, the destination MAC is still a real server mac) I think the virtual wire with tagged setup cannot "untag" or redirect the packets. Do you have any idea to redirect the packets to untagged VLAN with virtual wire setting?
VE F5 not passing tagged vlan traffic across Vxrail ESXI
Hi Guys, Been working on this and cannot come to a conclusion, our VE F5 which sits in an esxi enclosure, does not work when tagged vlan is configured (this is the way, rest of the other VE F5s are configured across the estate). However If we untag 1 vlan (and only allows you to untag 1 vlan on the VE) This works for the backend server and traffic passes as we can now see the pool members up, however the front end sits on another vlan and we cannot untag. The only difference is the other f5s sit on a 'UCS' or HP chassis and the problematic one sits on the 'vxrail'. my f5 version is 12.1.2 HF2 And the ESXI is version 6.0. Many thanks if someone can give me a descent answer, i have read most of the forums and nothing helpful.
BIG-IP VE and tagged VLANs with identical tag
Hi, For some project I would like to set up two tagged VLANs each using different interface but the same tag. Seems to be impossible - at least using VE, it's reporting error about customer_tag set to none. So QinQ is not supported on VE (tested on v13). However I really do not need QinQ just two VLANs with same tag, each VLAN assigned to different Route Domain. I know that Route Domain is L3 object not L2 but still it should be possible. But obviously it's not - or maybe there is a way to create such setup? My goal is to be able to use VS configured on BIG-IP as member of the pool configured on the same BIG-IP. As far as I know usually it's not possible and iRule (or Local Traffic Policy) has to be created with VIP-targeting-VIP. If however you have setup like that it's possible without above condition: VLAN1 - SelfIP: 198.100.100.1/27, Route Domain 0 VLAN2 - SelfIP: 198.100.100.31%100/27, Route Domain 100 VS - 198.100.100.15%100:80 - defined in Route Domain 100 Pool - member: 198.100.100.15 - defined in Route Domain 0 Route Domain 100 with: Strict Isolation: Disabled Parent Domain: 0 All working fine when VLAN1 and VLAN2 are untagged. But I would like to use same interfaces for different traffic separated in VLANs. So I would need VLAN1 tagged 100, VLAN2 tagged 100 etc. And this seems not be possible even if both VLANs are assigned to different Route Domains. Any solution for that? Of course except of having external device (let's say transparent one) that is accepting traffic with tag 100 on one interface (connected to BIG-IP interface 1.1 used by VLAN1) and sending it out with tag changed to 101 (tag used by BIG-IP VLAN2 assigned to interface 1.2). Or maybe it's possible on hardware appliance that supports QinQ - I am really not an expert how QinQ works. Then each VLAN will use different tag and BIG-IP will have no issue with config - but it is quite complicated solution :-( Piotr
