Can a single F5 interface serve as both ingress and egress for traffic?

Question

Can a single F5 interface serve as both ingress and egress for traffic?&nbsp;
My setup is as follows:&nbsp;
Cisco switch (vlan 10-VRF abc) -&gt;  int 2/4 F5 int 2/4 -&gt; Cisco switch (vlan 20-VRF def)&nbsp;
I am trying to ping from vlan 10 on the Cisco switch (vrf abc) to vlan 20 on the same Cisco switch (vrf def).&nbsp;
When I run a tcpdump on the F5, I see the F5 receive the icmp echo-request, but I do not see an echo-reply from the F5. It seems as though the F5 is dropping the traffic. Is this normal behavior or is the F5 able to send/receive out the same interface for a single traffic flow?&nbsp;

sukesh123456 · Answer

What is the mode of the interface that is serving the traffic.(Trunk or any vlan is assigned please share the output on F5 side and switch side both)
If the traffic is being received and you are not seeeing reply , it means F5 does not know how to respond back .(hence it is dropping) &nbsp;

faruk_aydin · Answer

F5 is default deny device. You must explicitly create a wildcard and ip forwarding type virtual server and enable it on both VLANs.&nbsp;

Forum Discussion

Can a single F5 interface serve as both ingress and egress for traffic?

2 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Port Group on F5OS network setting

Advise on setting up IRULE

F5 iRule to replace host to path

Related Content

Distributed caching of authentication requests with NGINX Ingress Controller

ExternalName Service and Authentication Subrequests with NGINX Ingress Controller

NGINX ingress proxy for Consul Service Mesh

Application Programming Interface (API) Authentication types simplified

Simplifying Kubernetes Ingress using F5 Technologies