Forum Discussion

ryderse_210134's avatar
ryderse_210134
Icon for Nimbostratus rankNimbostratus
Jun 04, 2018

Initial network config for one-armed deployment

Hi,

 

I have a Big-IP 2000 (ver 11.2.1) in our lab that I need to setup the initial networking on. I plan on using this in one-armed mode where the Internal and External vlans are the same.

 

Can someone point me to an initial config guide for this setup? All the guides I've seen walk through the Routed mode it seems where the Internal and External vlans are different. No so in my case.

 

If not, would someone be able to walk me through the steps at a high level? Once I understand the high level steps, chances are I can figure out the details myself.

 

Thank you -Steve

 

3 Replies

  • Hi,

     

    One-arm mean that you have only a single physical or logical connection to a network (I do not include the management interface).

     

    In your case we are no longer talking about internal or external because outboud and inbound traffic will pass trough the same interface (one interface: one-armed).

     

    To talk simply, in order to deployed this architecture, you have to connect only one interface on a wanted vlan. You need one IP for your equipement (self-IP) and set the GW (your routeur or FW where your equipement is connected). there is no real difficulty in this type of architecture...

     

    what do you want to know more?

     

    regards

     

  • Hi ryderse

     

    In one-armed topology, client-IP verifying problem could be occured.

     

    If you app is web-base, using 'X-forwarded-for' help verify real client IP.

     

    have a good day.

     

    • ryderse_210134's avatar
      ryderse_210134
      Icon for Nimbostratus rankNimbostratus

      Hi @swjo

       

      Thank you for the info. I will keep that in mind and will test it out later. Right now, this is working for me once I untagged the vlan on the interface.