Route Domains

Question

Hello Everybody,&nbsp;
Would you use Route Domains only if there are conflicting IP ranges? E.g. multiple customers&nbsp;
Or can you use Route Domains to segregate external and internet applications.&nbsp;
E.g.&nbsp;
External Route Domain:
Internet Users &lt;--&gt; External Firewall &lt;--&gt; External Switch &lt;--&gt; F5 &lt;--&gt; DMZ Switch &lt;--&gt; DMZ Servers&nbsp;
Internal Route Domain:
Internal Users &lt;--&gt; Internal Router &lt;--&gt; VLAN: F5 VS, Pool and Nodes (one arm configuration).&nbsp;
Any drawbacks apart from the extra management?&nbsp;
Any opinions will be welcomed!&nbsp;
Thanks,&nbsp;

matt_dierick · Answer

Hi, you can compare Routing Domain to a VRF. You separate L3 between route tables.&nbsp;
I advice you to pair Routing Domain with Admin Partition so that an admin can only make modifications on the right partition/routing domain.&nbsp;
But keep in mind, there is only one TMOS below.&nbsp;
If you want a real separation, use vCMP on 5200v, 7200v, 10200v or VIPRION.&nbsp;
But your example is right. An internal and an external RD.&nbsp;

gus_135027 · Answer

Thanks Matthieu!&nbsp;

Forum Discussion

Route Domains

2 Replies

Recent Discussions

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Unwinding the Benefits of Investing in White Label Crypto Wallet

SMTP profile not visible & showing

About AWAF "Redirect URLs" in "Responses and Blocks"

F5 iRule to replace host to path

Related Content

FQDN nodes in non-default route domains

F5 Distributed Cloud - Customer Edge Site - Deployment & Routing Options

How to find route domain OID

Enriching AFM with public domain Threat Intelligence

BIG-IP BGP Routing Protocol Configuration And Use Cases