Hi Hamzeh,
point number two : this can be achieved without vlan group by creating a specific virtual server with the source is the internal subnet and using snat auto map ) , what is the added value of vlan group in this case ???
Actually the case you are referring to is when both hosts reside on the same subnet and same VLAN. The VLAN group allows hosts on the same subnet but different VLANs to talk.
in general , how the f5 box will decide that this host is a member of vlan 10 and the other host is a member of vlan 20 when both of them are in the same subnet ?
The interface on which ingress traffic arrives in combination with the 802.1q tag (or lack thereof) tells the LTM which VLAN a source host is on.
If the F5 needs to send traffic to a host X for which it does not have an ARP entry then it will broadcast an ARP request in the VLAN or VLANs (in the case of a vlan group) associated with the self-IP which contains the IP of host X.