Manual Chapter : Using Link Aggregation with Tagged VLANs for a One-network Topology

Applies To:

Show Versions Show Versions

BIG-IP AAM

  • 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP APM

  • 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP GTM

  • 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP Link Controller

  • 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP Analytics

  • 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP LTM

  • 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP AFM

  • 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP PEM

  • 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP ASM

  • 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1
Manual Chapter

Using Link Aggregation with Tagged VLANs for a One-network Topology

Overview: Configuring link aggregation using tagged VLANs on one network

You can use the BIG-IP® system in an aggregated two-interface load balancing topology. Link aggregation is the process of combining multiple links so that the links function as a single link with higher bandwidth. Aggregating multiple interfaces into a trunk to create a link has the following advantages:

  • Link aggregation increases the bandwidth of the individual network interface cards (NICs) in an additive manner.
  • If one link goes down, the other link can handle the traffic by itself.

Link aggregation occurs when you create a trunk. A trunk is a combination of two or more interfaces and cables configured as one link.

The examples in this implementation show a trunk that includes two tagged interfaces aggregated together. A tagged interface is an interface that is configured to process traffic for multiple VLANs. A VLAN tag identifies the specific VLAN and enables traffic to pass through that specific VLAN. To cause traffic for multiple VLANs to be passed through a single trunk, you must assign the same trunk to each VLAN.

In the example, we create a trunk (trunk1) that includes two interfaces, 1.1 and 1.2, and then assign trunk1 as a tagged interface to both VLAN external and VLAN internal. Both VLANs (external and internal) reside on the same network, and are combined to form a VLAN group.

With this configuration, inbound and outbound traffic passing between the BIG-IP system and the vendor switch can use either interface. For example, traffic destined for VLAN externall can pass through either interface, 1.1 or 1.2.

Illustration of link aggregation for a one-network topology

VLAN Group 1

Link aggregation for a one-network topology

Task summary

Perform the following tasks to configure two interfaces (tagged VLANs) to function as a single link with higher bandwidth. In this implementation, you combine the two tagged VLANs into one VLAN group, where the two VLANs are on the same IP network.

Task list

Creating a trunk

You create a trunk on the BIG-IP® system so that the system can then aggregate the links to enhance bandwidth and ensure link availability.
  1. On the Main tab, click Network > Trunks .
    The Trunk List screen opens.
  2. Click Create.
  3. Name the trunk.
  4. For the Interfaces setting, in the Available field, select an interface, and using the Move button, move the interface to the Members field. Repeat this action for each interface that you want to include in the trunk.
    Trunk members must be untagged interfaces and cannot belong to another trunk. Therefore, only untagged interfaces that do not belong to another trunk appear in the Available list.
  5. Select the LACP check box.
  6. From the Link Selection Policy list, retain the default value, Auto.
  7. From the Frame Distribution Hash list, select the default value, Source/Destination IP address port.
    Important: On certain F5 platforms, packets can incorrectly egress on the same BIG-IP trunk member that the external switch ingressed the packets on. You can prevent this by configuring the external switch to use the same algorithm for its frame distribution hash value as you configure on the BIG-IP trunk. For example, if you configure the BIG-IP trunk to base the frame distribution hash value on both source and destination IP addresses, then you must configure the external switch to do the same.
  8. Click Finished.
After you create a trunk, the BIG-IP system aggregates the links to enhance bandwidth and prevent interruption in service.

Adding a tagged interface to a VLAN

After you aggregate the links, you assign the trunk to the VLAN as a tagged interface.
  1. On the Main tab, click Network > VLANs .
    The VLAN List screen opens.
  2. Perform the following for the external and internal VLANs:
    1. Click the VLAN name.
    2. For the Interfaces setting, in the Available field, select a trunk, and using the Move button, move the trunk that you created to the Tagged field.
    3. Click Update.
The trunk is assigned to the external and internal VLAN as a tagged interface.

Creating a load balancing pool

You can create a load balancing pool (a logical set of devices such as web servers that you group together to receive and process traffic) to efficiently distribute the load on your server resources.
Note: You must create the pool before you create the corresponding virtual server.
  1. On the Main tab, click Local Traffic > Pools .
    The Pool List screen opens.
  2. Click Create.
    The New Pool screen opens.
  3. In the Name field, type a unique name for the pool.
  4. For the Health Monitors setting, in the Available list, select a monitor type, and click << to move the monitor to the Active list.
    Tip: Hold the Shift or Ctrl key to select more than one monitor at a time.
  5. From the Load Balancing Method list, select how the system distributes traffic to members of this pool.
    The default is Round Robin.
  6. For the Priority Group Activation setting, specify how to handle priority groups:
    • Select Disabled to disable priority groups. This is the default option.
    • Select Less than, and in the Available Members field type the minimum number of members that must remain available in each priority group in order for traffic to remain confined to that group.
  7. Using the New Members setting, add each resource that you want to include in the pool:
    1. Type an IP address in the Address field.
    2. Type a port number in the Service Port field, or select a service name from the list.
    3. To specify a priority group, type a priority number in the Priority Group Activation field.
    4. Click Add.
  8. Click Finished.
The load balancing pool appears in the Pools list.

Creating a virtual server with source address affinity persistence

A virtual server represents a destination IP address for application traffic.
  1. On the Main tab, click Local Traffic > Virtual Servers .
    The Virtual Server List screen opens.
  2. Click the Create button.
    The New Virtual Server screen opens.
  3. In the Name field, type a unique name for the virtual server.
  4. For the Destination setting, in the Address field, type the IP address you want to use for the virtual server.
    The IP address you type must be available and not in the loopback network.
  5. In the Service Port field, type a port number or select a service name from the Service Port list.
  6. Locate the relevant profile type for the traffic being managed, and either retain the default value or select a custom profile name.
  7. In the Resources area of the screen, from the Default Pool list, select a pool name.
  8. For the Default Persistence Profile setting, select source_addr.
    This implements simple persistence, using the default source address affinity profile.
A client system now has a destination IP address on the BIG-IP system.

Removing the self IP addresses from the default VLANs

Remove the self IP addresses from the individual VLANs. After you create the VLAN group, you will create another self IP address for the VLAN group for routing purposes. The individual VLANs no longer need their own self IP addresses.
  1. On the Main tab, click Network > Self IPs .
  2. Select the check box for each IP address and VLAN that you want to delete.
  3. Click Delete.
  4. Click Delete.
The self IP address is removed from the Self IP list.

Creating a VLAN group

Create a VLAN group that includes the internal and external VLANs. Packets received by a VLAN in the VLAN group are copied onto the other VLAN. This allows traffic to pass through the BIG-IP® system on the same IP network.
  1. On the Main tab, click Network > VLANs > VLAN Groups .
    The VLAN Groups list screen opens.
  2. Click Create.
    The New VLAN Group screen opens.
  3. In the Name field, type the name myvlangroup.
  4. For the VLANs setting, use the Move button to move the internal and external VLAN names from the Available field to the Members field.
  5. Click Finished.

Creating a self IP for a VLAN group

Before you create a self IP address, ensure that you have created at least one VLAN or VLAN group.
After you have created the VLAN group, create a self IP address for the VLAN group. The self IP address for the VLAN group provides a route for packets destined for the network. With the BIG-IP® system, the path to an IP network is a VLAN. However, with the VLAN group feature used in this procedure, the path to the IP network 10.0.0.0 is actually through more than one VLAN. As IP routers are designed to have only one physical route to a network, a routing conflict can occur. With a self IP address on the BIG-IP system, you can resolve the routing conflict by associating a self IP address with the VLAN group.
  1. On the Main tab, click Network > Self IPs .
  2. Click Create.
    The New Self IP screen opens.
  3. In the IP Address field, type an IPv4 or IPv6 address.
    This IP address should represent the address space of the VLAN group that you specify with the VLAN/Tunnel setting.
  4. In the Netmask field, type the full network mask for the specified IP address.

    For example, you can type ffff:ffff:ffff:ffff:0000:0000:0000:0000 or ffff:ffff:ffff:ffff::.

  5. From the VLAN/Tunnel list, select the VLAN group with which to associate this self IP address.
  6. From the Port Lockdown list, select Allow Default.
  7. Click Finished.
    The screen refreshes, and displays the new self IP address.
The BIG-IP system can send and receive traffic through the specified VLAN or VLAN group.