Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology

L3 Port-channel connectivity with F5

Is it a best/standard practice to configure a switch connected to F5 with a L3 port-channel on switch side ? something similar to router on a stick with vlans allowed on f5 and L3 port-channel sub-interfaces (dot1q) on switch side ?

Or it must be a L2 portchannel with vlans passed on this trunk port ?

Thanks, AR

Rate this Question

Answers to this Question


Wherever possible, use dot1q. There are 4 functions you need to decide cabling for. (In brackets is how I'd go about it):

  • HA (dot1q Direct connection to other BigIP)
  • Client-side traffic (dot1q Connected to external NS stack)
  • Server-side traffic (dot1q Connected to internal NS stack. Can be the same link as 2 if there's just one NS stack)
  • Mgmt (standalone)

If you have security-conscious network setup, you have internal and external network switch stacks. In that case, you would end up with 3 aggregated dot1q links, and one standalone link for Mgmt. If you have a budget setup, you will end up with 2 aggregated dot1q links and one standalone link for Mgmt. In that scenario, Client-side and Server-side traffic is transmitted via the the same network switch stack.

You can take my answer in thread below as the base, and adjust as needed https://devcentral.f5.com/questions/how-to-setup-f5-ltm-ha-network-57397

How many interfaces you bundle in a dot1q trunk (2 or 4) depends on your throughput requirements. For the HA trunk, 2 is always enough - there you only want the dot1q for that extra fault tolerance, extra throughput is not relevant.