Forum Discussion
Be aware that route domains is not a security feature. Route domains is simply a way to have the same IP exist on two VLANs on the same BigIP. There is no intrinsic problem with having internal and DMZ traffic on the same BigIP. It's certainly no worse than having the DMZ and internal networks on the same firewall.
If you aren't comfortable with the traffic from the internal and DMZ networks flowing over the same chips, then you will want additional BigIPs. If you're running them over VEs then it doesn't make any difference.
If you want additional separation you can add administrative partitions and place your DMZ objects and your internal objects in different partitions. This makes it much harder to make a mistake. You would then create your objects in the relevant partition.
This should help https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-user-account-administration-12-0-0/3.html