Forum Discussion
Thomas_Gobet
Mar 19, 2014Nimbostratus
Hi,
Bests deployment are when you use at least 2 arms (best on security).
For example with a single arm deployment, imagine if you're under DDoS attack. Even if you're F5 can protect your server from this attack, your monitors will be impacted because they use the same interface.
What you can do if you want to keep this 802.1q tag as a DMZ separator is to use trunk with two interfaces.
Keep in mind that if you want to use a cluster it's recommended to use a vlan dedicated for synchronization.
When I have to deploy new BIG-IPs for my customers, I usually use 3 interfaces or 4 if it's a cluster (1 for the MGMT, 1 for DMZ network, 1 for inside, 1 for HA).
- tolinrome_13817Mar 19, 2014NimbostratusSo for my understanding the way you set up the interfaces is with each their own vlan and no trunking on the interfaces?