Forum Discussion

Martin_Visser
Oct 30, 2017

LTM with multiple VLANs/subnets, but no routes in route list. Why does it work?

I was examining a working customer LTM configuration and was perplexed that it worked initially. They are running 11.6 LTM, using fairly standard iApps Application Services. The virtual servers tend to be assigned to the same VLANs/subnets as pool members - there are about 6 VLANs. They aren't using SNAT, and clients are remote - so traffic tends to come in from the LAN gateway to the virtual server on the correct VLAN.

What was curious is that only the mgmt interface has a default route defined - they only use the default route domain, but NO routes exist in the route list. I did a bit of a double-take and was worried traffic returning from the virtual servers would go back via the management interface, rather than the larger LACP trunk with 4 interfaces.

But after looking initially at the interface stats, and then doing a tshark packet capture, I could confirm that in/out traffic to the VS VIP remained on the same VLAN, and that the MAC address for the response towards the client was in fact the correct MAC for the LAN switch gateway. So it seems that if you don't have explicit routes defined for a subnet, then the F5 "remembers" the incoming MAC address associated with the client (which is always going to be the gateway MAC) and sends it back appropriately.
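
The capture check described in the post above, as an added example that is not part of the original post: it reads tshark field output and flags any virtual server reply that leaves on a different VLAN, or toward a different MAC, than the client's request arrived from. The tshark field selection, the function name and every sample value are assumptions constructed for illustration, and the capture is assumed to retain 802.1Q tags.

```python
import csv
import io

# Constructed sample in the tab-separated shape produced by:
#   tshark -r capture.pcap -Y tcp -T fields -e vlan.id -e eth.src -e eth.dst \
#          -e ip.src -e ip.dst -e tcp.srcport -e tcp.dstport
# All VLAN ids, MACs and addresses below are made up for illustration.
SAMPLE = (
    "110\t02:00:00:00:00:0a\t02:00:00:00:01:01\t198.51.100.7\t10.1.10.50\t40001\t443\n"
    "110\t02:00:00:00:01:01\t02:00:00:00:00:0a\t10.1.10.50\t198.51.100.7\t443\t40001\n"
    "120\t02:00:00:00:00:14\t02:00:00:00:01:02\t198.51.100.9\t10.1.20.50\t40002\t443\n"
    # Reply leaving on a different VLAN toward a different next hop:
    "4094\t02:00:00:00:01:ff\t02:00:00:00:00:fe\t10.1.20.50\t198.51.100.9\t443\t40002\n"
)


def find_asymmetric_replies(capture_text, vips):
    """Return [(flow, reason)] for VIP replies that do not mirror the request's L2 path.

    flow is (client_ip, client_port, vip, vip_port); vips is a set of VIP addresses.
    """
    ingress = {}     # flow -> (vlan, MAC the request arrived from)
    findings = []
    for row in csv.reader(io.StringIO(capture_text), delimiter="\t"):
        if len(row) != 7 or not all(row):
            continue                      # untagged, non-TCP or malformed line
        vlan, src_mac, dst_mac, src_ip, dst_ip, sport, dport = (f.lower() for f in row)
        if dst_ip in vips:                # client -> virtual server
            ingress.setdefault((src_ip, sport, dst_ip, dport), (vlan, src_mac))
        elif src_ip in vips:              # virtual server -> client
            flow = (dst_ip, dport, src_ip, sport)
            if flow not in ingress:
                findings.append((flow, "reply seen without a captured request"))
                continue
            in_vlan, in_mac = ingress[flow]
            if vlan != in_vlan:
                findings.append((flow, f"reply on VLAN {vlan}, request arrived on VLAN {in_vlan}"))
            elif dst_mac != in_mac:
                findings.append((flow, f"reply sent to {dst_mac}, request came from {in_mac}"))
    return findings


if __name__ == "__main__":
    for flow, reason in find_asymmetric_replies(SAMPLE, {"10.1.10.50", "10.1.20.50"}):
        print(flow, reason)
```

An empty result for a capture taken on the data-plane VLANs matches what the post reports: each reply goes back out the VLAN it came in on, to the gateway MAC that delivered the request.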