Forum Discussion

Stewart_76633's avatar
Stewart_76633
Icon for Nimbostratus rankNimbostratus
Jan 09, 2013

LTM trunk to seperate switches?

As per this document, http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos_management_guide_10_1/tmos_trunks.html, I have a fair understanding of what Trunks are all about. For resilency, I want to have a link from our LTM to both of our two core switches, so we don't lose the device if a switch goes down.

 

What I'm wondering is whether I can have two interfaces, connected to two different switches (which are layer 2 switches) and have those trunked. Ideally I'd like it to be active/passive so traffic flows are deterministic, however a load balanced approach would be OK too.

 

Is this setup supported, and will it work as expected?

 

Cheers

 

config
design

9 Replies

Sort By
  • Stewart_76633's avatar
    Stewart_76633
    Icon for Nimbostratus rankNimbostratus
    Jan 09, 2013
    All of their documents just seem to show these trunk interfaces to a single switch.
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Jan 09, 2013
    i understand you have to add 2 interfaces to the same vlan (no trunk interface) and let stp prevent loop.
  • Stewart_76633's avatar
    Stewart_76633
    Icon for Nimbostratus rankNimbostratus
    Jan 09, 2013
    oh really, that simply huh? I'll give it a crack, should just be a matter of shutting the link to one of the switches to see if the failover works seamlessly.
  • Stewart_76633's avatar
    Stewart_76633
    Icon for Nimbostratus rankNimbostratus
    Jan 09, 2013
    I'd appreciate any further information from those with experience with this if anyone has it!
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Jan 09, 2013
    should just be a matter of shutting the link to one of the switches to see if the failover works seamlessly.i think you may need ha group configuration to failover when one interface is down.

     

     

    Configuring HA groups

     

    http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos_management_guide_10_1/tmos_high_avail.html
  • What_Lies_Bene1's avatar
    What_Lies_Bene1
    Icon for Cirrostratus rankCirrostratus
    Jan 09, 2013
    You could of course use vPC with Cisco swithes and have a single trunk connect to two switches but I suspect that's not an option here. This is the only case where you can connect a single trunk to two switches.

     

     

    You could also have two trunks each containing two interfaces and connect each to a different switch.
  • Stewart_76633's avatar
    Stewart_76633
    Icon for Nimbostratus rankNimbostratus
    Jan 09, 2013
    Seems like you were right from the start nitass. I created the interfaces on the same VLAN to two different switches. At first I had switch ports getting disabled because the F5 was participating in spanning tree. After disabling BPDUguard on the switch STP negotiated the forwarding paths. Ive tested shutting a switch port (to simulate a switch failure) and I lose a couple of pings while the network re-converges then It's good again. Happy with this...

     

     

    Cheers!
    • nolipineda's avatar
      nolipineda
      Icon for Altostratus rankAltostratus
      Apr 10, 2014
      Hi Stewart, Did you try fail-back? If yes, what was the recovery time? Would you mind sharing your STP thresholds please? Thanks!
    • satish_txt_2254's avatar
      satish_txt_2254
      Icon for Cirrus rankCirrus
      Apr 27, 2017

      How did you disable BPDU guard i have tried disabling BPDU guard on switch port where F5 connected but it didn't work 😞

      my port is getting in BLK (loopguard mode)

      Vlan                Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
VLAN0201            Root BKN*3         128.456  P2p *LOOP_Inc

      I am trying to simulate scenario where my primary switch failed and it contine work...