seperating traffic of virtual servers
Hello Everyone
I am new to F5, sorry, but I have been going through the f5 documentation, the training videos etc, and I have a couple of questions,
my current setup assumed only one application would be in use, and users access thru int 1.1 (untagged) on vlan 21, the vlan is not set on the port and it looks like a default external and internal vlan was set up using 4094 ext and 4093 int?
we have recently installed a new applications virtual servers, pools etc, and the system works fine as long as we stay on the same vlan and int 1.1 as the existing system.
we needed to readdress the new applications servers, and also want to seperate traffic between the two apps.
I would like the new app to use interface 1.3 and use vlan 22, what Im not understanding is can I assign a specific vlan to int 1.3 by port (tagged) and not have to assign a specifc vlan to int 1.1 (untagged)? or more properly must all interfaces be either untagged or tagged or can we mix them? the documentation online doesnt show a mixed environment.
I dont want to interupt the production environment on int 1.1 and want to set up a new environment using int 1.3 and keep them seperate.
my second question concerns the use of the mac masquerade address. Is it best practice to use mac masquerade in a redundant system? If so in case of failover if we dont have one set then the destination server wont be able to communicate with the F5 big-ip? Do we implement a mac masquerade only when using a tagged interface or should we set one up for use with untagged interfaces as well?
I inherited the F5 big-ip from another location so I am trying to get up to speed very quickly, any help would be greatly appreciated.
Thank You