Hi Denny,
The original design requirement was to eliminate all config complexity on the LTM and dumb them down - hence the bridge-mode config, and all routing/security is enforced in the upstream firewalls.
Yes, we could have used virtual network forwarders per VLAN but the bridge mode config drives everything to the firewalls by default, and preventing any inter-zone traffic is critical.
In terms of the size of the broadcast domain, it's minimal (single hop into a Cisco 3750 to which the servers are directly attached) and the number of devices per VLAN is very low - no issues with broadcast storms. Of course the broadcast domain is the same size in L2 or L3 for the same VLANs.
So the question is not so much "what do we consider best practices?", but rather "which available F5 config best suited the overall customer needs?" As you point out, bridge-mode (and let's not forget L2 design best practices) has been around since Moses played quarterback for Nazareth, so this posed a low-risk approach.
Of course in the absence of the various requirements and constraints, a route-mode design would have been a more elegant solution.
The key issue at this time is a corner case where the FDBs appear to behave non-deterministically when the failed primary LTM recovers and comes back online. The initial failover is clean, but recovery is not. The guys have spent a lot of time checking the obvious things on the LTMs and the 3750s, hence the support case.
Cheers,
Andrew