Applies To:
Show Versions
BIG-IP versions 1.x - 4.x
- 3.3.1 PTF-06, 3.3.1 PTF-05, 3.3.1 PTF-04, 3.3.1 PTF-03, 3.3.1 PTF-02, 3.3.1 PTF-01, 3.3.1, 3.3.0
17
Setting up 802.1q VLAN Trunk Mode
Setting up 802.1q VLAN trunk mode
The BIG-IP Controller supports VLANs based on the IEEE 802.1q Trunk mode on BIG-IP Controller internal interfaces. VLAN tags are not supported on the external interfaces. You can define a single VLAN tag for each IP address defined for each BIG-IP Controller internal interface. This includes node network addresses, administrative addresses, shared administrative aliases, and additional aliases.
Note: In order for 802.1q VLAN trunk mode to operate on a BIG-IP Controller interface, all IP addresses on that interface must have a VLAN tag.
In order to use VLAN tags, you must edit /etc/netstart. Additionally, if you plan to use VLAN tags on a redundant BIG-IP system, you must add VLAN tags to the shared IP aliases in BIG/db using the bigpipe ipalias command.
Adding VLAN tag definitions to /etc/netstart
You must specify the VLAN tag ID for the network at the time you define the network address for a particular internal interface. You can do this by extending the additional_xxx definition for the internal interface (where xxx is the interface name, such as exp0, exp1, or hmc0). For example, if you have an internal interface IP defined as:
ipaddr_exp1="10.1.1.1"
netmask_exp1="255.0.0.0"
linkarg_exp1="media 100BaseTX,FDX"
additional_exp1="broadcast 10.255.255.255"
To define a VLAN tag ID 12 for this network (10.0.0.0), extend the additional_exp1 definition in the following manner:
additional_exp1="broadcast 10.255.255.255 vlan 12"
Do this for each internal interface for which you want to define a VLAN tag ID.
Adding VLAN tag definitions to BIG/db
For a redundant configuration, the BIG/db database contains the shared IP addresses for the internal and external interfaces for the BIG-IP Controller. If you plan to use VLAN tags on a redundant BIG-IP system, you must add the shared IP addresses to this database. Use the following syntax to add VLAN tag definitions to BIG/db.
bigpipe ipalias <ifname> <if address> netmask <ip mask> [ broadcast
<ip address> ] [ unit <id> ] [ tag <vlan tag> ]
For example, using the previous example, this line is extended with the same VLAN tag defined for its primary address, in this case 12:
bigpipe ipalias exp1 10.1.1.10 netmask 255.0.0.0 broadcast
10.255.255.255 tag 12
Configuring multiple VLANs on one interface
In order to set up multiple VLANs on the same interface, you need to add a new IP address for the interface. The BIG-IP Controller only supports one VLAN ID per network.
For example, to support an additional network, 12.0.0.0, with a VLAN tag ID of 15 on the same interface, add the following line to your /etc/netstart file after the ifconfig command:
/sbin/ifconfig exp1 add 12.1.1.1 netmask 255.0.0.0 media
100BaseTX,FDX broadcast 12.255.255.255 vlan 15
Note that you must add a shared address to the BIG/db file with the bigpipe ipalias command in a redundant BIG-IP system:
bigpipe ipalias exp1 12.1.1.1 netmask 255.0.0.0 broadcast
12.255.255.255 tag 15
To enable or disable VLAN tags on the command line
Once you have added VLAN tags, you can use the bigpipe interface command to enable, disable, or show the current settings for the interface. To globally enable or disable the VLAN tags for an internal interface, use the following syntax:
bigpipe interface <ifname> vlans [ enable | disable | show ]
For example, use the following command to enable VLAN tags on the interface exp1:
bigpipe interface exp1 vlans enable
Using ifconfig to add another VLAN
You must use the ifconfig command to define multiple, different VLAN tagged networks on the same interface. For example, use the following syntax to add a new VLAN tagged network on the same interface:
ifconfig exp1 add <address> netmask <mask> broadcast <address> vlan
<tag>
Note that the BIG-IP Controller allows one VLAN tag per network. In a redundant configuration, you need to add a new shared address on the new network with the identical VLAN tag ID in the BIG/db database with the bigpipe ipalias command.
You can also use ifconfig to display VLAN information for the interface exp1 with the following command:
ifconfig exp1
Using netstat to view VLAN tags
You can also use the netstat utility to display VLAN tag information with the route table for the BIG-IP Controller. Use the following syntax to display VLAN tag information with netstat:
netstat -nrT
Disabling and enabling VLAN tags using the Configuration utility
You can use the Configuration utility to enable or disable VLAN tags once they are configured on the BIG-IP Controller.
- In the navigation pane, select NICs.
The Network Interface Cards screen opens. - In the Network Interface Cards list, select the internal NIC for which you want to enable VLAN tags.
The Network Interface Card Properties screen opens. - In the Network Interface Card Properties screen, navigate to the Enable VLANs check box.
Click the Enable VLANs check box to enable the VLAN tags for the interface. Clear the check box to disable VLAN tags on the interface. - Click the Apply button.
Note: You can only enable or disable VLAN tags in the Configuration utility. VLAN tags must be configured by adding VLAN tag values to the /etc/netstart file (and the BIG/db with the bigpipe ipalias command for redundant configurations). The Configuration utility can only enable or disable VLAN tags that have been configured in those files.
