management interface configuration

Question

I know that the management interface must be in a separate subnet/VLAN than the other interfaces ( internal , external , HA ).&nbsp;
But re config of the management interface : &nbsp;
 &nbsp;
Q1 : In f5 config , should I create a VLAN and a corresponding Self IP for the management interface ?  &nbsp;
Apparently this is not necessary because on initial access of the management admin console , no VLANs or Self IPs are configured.&nbsp;
 &nbsp;
Q2 : Is it better for the management interface to be DHCP or Static IP ? ( apparently the default is DHCP )&nbsp;
If my management interface is DHCP , is it possible via the management-interface to re-config as Static IP ?  If not then how ?&nbsp;
 &nbsp;
Thanks.&nbsp;

nitass · Answer

Q1 : In f5 config , should I create a VLAN and a corresponding Self IP for the management interface ?  vlan and selfip are on tmm interface. there is no such configuration for mgmt interface. 
&nbsp;  
&nbsp; Q2 : Is it better for the management interface to be DHCP or Static IP ? ( apparently the default is DHCP )i always use static ip. it is under system/platform in gui.

hamish · Answer

To expand a bit. The management interface is controlled directly by the host itself. This supports plain old unencapsulated packets only. (An access port only in cisco terms).  (The Linux OS your interact with). The TMM interfaces for which you see configuration options for in the GUI are actually connected to a separate ethernet switch. This switch is under the control of the TMM micro-kernel that runs the load-balancing on the unit (You can see this from the host as a process running an executable called tmm. There's one per CPU core usually). 
&nbsp;  
&nbsp; The host OS doesn't really have access to this, and the TMM kernel doesn't have access to the management interface. The TMM switchboard can do 802.1Q VLAN tagging (Cisco Trunking, not to be confused with BigIP Trunking) OR operate as an access port (Which appears on bigip as a pseudo VLAN tag &gt; 4096). 
&nbsp;  
&nbsp; As nitas said... Static IP's for management. SLightly more config to do to set a static IP vs leaving it dynamic, but you don't have to rely on DHCP servers and DDNS. 
&nbsp;  
&nbsp; H

Forum Discussion

management interface configuration

2 Replies

Recent Discussions

Viprion files on blades.

redirect not working

active/active Support Declarative Onboarding

Reliable resources for identifying IP addresses

minimum tmos software version for connect CIS (openshift)

Related Content

Traffic Management User Interface Vulnerability: The Fix and Temporary Mitigation Options

Re: Configuring Smart Card Authentication to the BIG-IP Traffic Management User Interface (TMUI) usi

management interface failover

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

Application Programming Interface (API) Authentication types simplified