VLAN tagging on outgoing packets

Question

Hello,&nbsp;
I am using a virtual edition BigIP load balancer.
I have configured a VLAN interface (tagged) on the box and associated it with an interface (say 1.1).
I have also assigned an IP address to this VLAN.
Now, when I send an ARP request to this VLAN.  The ARP request is VLAN encapsulated with correct VLAN tag. It is received by the interface 1.1, which strips out the VLAN tag and sends the ARP request to the VLAN that was configured on the box.
Now, when the ARP reply is sent out, it is NOT VLAN encapsulated.
I ran tcpdump on the F5 1.1 interface, but the outgoing ARP reply does not have any VLAN encapsulation.
Shouldn't the reply also be encapsulated with a VLAN tag for the tagged VLAN configuration?&nbsp;
I would appreciate any help on this.&nbsp;
Thanks,
Rachit&nbsp;

rrr2015 · Answer

Hi Rachit I've had exactly the same problem as your both using the route domains and not.
Have you found something on this issue ?
I've  really no clue by now
Bye

boneyard · Answer

where exactly are you sending that ARP request from? is this breaking something or are you just wondering?

stanislas_piro2 · Answer

Hi,&nbsp;
The configuration of your VLAN tagged / untagged depend of configuration of your vSwitch in the virtualization hypervisor.&nbsp;
For example in VMware ESXi:&nbsp;
if the virtual network interface is linked to a vSwitch with the VLAN ID 4095, you must configure VLAN tagged on this interface. You can define more than 1 VLAN per virtual interface.if the virtual network interface is linked to a vSwitch with another VLAN ID, you must configure VLAN untagged on this interface and dedicate one virtual interface per VLAN. in this configuration, you can create up to 10 virtual interfaces (9 virtual interfaces for TMM + 1 for Management)

aldocbim_223183 · Answer

Hi let me explain my case:
1 - I'm using BigIP LTM VE trial edition (BIGIP-11.3.0.39.0-scsi.ova) run over Vmware Workstation 10
2 - in the same VMware env. I run various VMs as servers or clients in different subnets with a 1-to-1 relation to the VMnets.
2 - using GNS3 I created a basic network with a virtual switch linked to various VMnet. The emulates a Catalyst. On the switch I setup as trunk the interfaces connected to the LTM VM. I created the Virtual interfaces on the various subnets tagging with the proper VLAN IDs (for production/pre-prod back-ends and prod/pre-prod front-ends)
3 - on the LTM VM side  I configured the interfaces as tagged vlan in order to receive and manage the various subnets traffic
4 - moreover I created the various self-IPs and the related route-domains 
5 - what I see when I try e.g from a server in PROD. BE to ping the selfIP of the F5 on the same subnet is that the arp request arrives on the right tagged interface of the LTM (let's call it the BE interface) 802.1q encapsulated. The F5 deencaps and correctly replies with an  arp reply but sending it back not-encapsulated on the same interface. This way the virtual switch ignores it (or at least it seems so) and it doesn't forward it to the requesting server&nbsp;
Am I enough understandable ? Does what I told have a sense for you ? Could you please help me/us to understand what's wrong with my/our setup ?
Thanks,
best regards 
 Riccardo&nbsp;

slim89_261838 · Answer

You probably figured it out already but I believe its a bug which requires a restart of the tmm service.&nbsp;
https://support.f5.com/kb/en-us/solutions/public/14000/900/sol14984.html&nbsp;

Forum Discussion

VLAN tagging on outgoing packets

5 Replies

Recent Discussions

BigIP Next - Health Monitors / Template

LDAPS and renegotiation

Need advise to setup a policy on F5

Web acceleration

What are the different phases in DevOps?

Related Content

Decrypting BIG-IP Packet Captures without iRules

Decrypting BIG-IP Packet Captures Automatically

Google Tag Manager

Automating Packet Captures on BIG-IP

F5 packet buffer