Layer2 Virtual Server and IP

Question

Hi,&nbsp;
I am a newbie in networking so sorry for dumb question. I am not sure how exactly layer2 VS is working and why in configuration IP has to be set. As far as I can understand this type of VS is working as l2 bridge. For l2 bridge IP is not important, it knows only on which port given MAC address was learned and forwards frames with given destination MAC address to this port. My wild guess is that BIG-IP uses IP address to speed up forwarding. When ARP for IP configured for l2 VS is received it sends ARP reply with it's own MAC address. Then sending host directs frames to BIG-IP MAC address and BIG-IP just forwards this frames via a port when destination server is discovered.
Is that right?
I can't figure out what is then difference between l2 and l3 forwarding VS. In both cases IP address is identical with destination server IP, in both cases there in no pool and load balancing performed.&nbsp;
Piotr&nbsp;

mahmoud_eldeeb_ · Answer

Layer 2 forwarding virtual servers are similar to IP forwarding virtual servers because they do not have pool members to load balance. Therefore, when the BIG-IP LTM system evaluates the packet for processing, the system looks only at the destination IP address.&nbsp;
references:
https://support.f5.com/kb/en-us/solutions/public/14000/100/sol14163.html
https://support.f5.com/kb/en-us/solutions/public/4000/300/sol4362.html&nbsp;

dragonflymr · Answer

Hi,
Thanks for pointing me out but I already know this articles. I know about no pools for l2 or l4 forwarding. I am just wondering why Destination Host or Network IP addresses are still required for L2 forwarding VS.
Piotr

mahmoud_eldeeb_ · Answer

yes, why?. let me search it&nbsp;

swo0sh_gt_13163 · Answer

Hey Piotr_L,
do you think the following answers your question? Or gives a clue at lease? Lori explained the L2 VS use case as following.
Layer 2 Forwarding Virtual Service (Bridge)    For situations where a proxy should be used to bridge two different Ethernet collision domains, a layer 2 forwarding virtual service an be used.  It can be provisioned to be an opaque, semi-opaque, or transparent bridge. Bridging two Ethernet domains is like an old timey water brigade. One guy fills a bucket of water (the client) and hands it to the next guy (the proxy) who hands it to the destination (the server/service) where it's thrown on the fire. The guy in the middle (the proxy) just bridges the gap (you're thinking what I'm thinking - that's where the term came from, right?) between the two Ethernet domains (networks). 
Article:
https://devcentral.f5.com/articles/back-to-basics-the-many-modes-of-proxies
I hope this helps.
Cheers!
Darshan

dragonflymr · Answer

Hi Darshan,

Nice article, did not know this one before. Still it's rather explaining how L2 forwarding works in generic terms (and this part I think I understand). It's not explaining why IP is necessary for VS. I was rather looking for some kind of docs describing in more details packet handling when L2 Forwarding VS is used.

Piotr

Forum Discussion

Layer2 Virtual Server and IP

8 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries HA

Need advise to setup a policy on F5

F5 Rseries R2600 Tenant sizing

Can iRule mask the payload content on event logs of security

Related Content

Check a Virtual Server's SSL Status

Virtual Server graphical App for F5 LTM

virtual server config

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Integrating SSL Orchestrator with Fortinet FortiGate Virtual Edition as a Virtual Wire