Forum Discussion

ganesh_31408's avatar
ganesh_31408
Icon for Nimbostratus rankNimbostratus
Mar 24, 2019

LTM in HA pair running OSPF to be a DR and BDR, though it will have all your public VIP which must be advertised to your external routers.

In the present configuration, F5's are connected with my firewalls which are further connected to my internet routers. As of now I can see that the OSPF neighbor-ship has been established with the firewall as DR but the standby node is BDR but what I have read on https://support.f5.com/csp/article/K8254 that it is not advisable for F5's to be a DR or BDR, I just wanted more explanation on this why F5 should not be your DR or BDR or if they does are there any negative consequences? Regards, G

 

application delivery
LTM

7 Replies

Sort By
  • Amresh008's avatar
    Amresh008
    Icon for Nimbostratus rankNimbostratus
    Mar 24, 2019

    Why would you like your F5 device to do what a router/L3 switch can do ? Configuring F5 to route the traffic for OSPF would require it to have different tables on it, but F5 has not been specifically configured for it. It can participate as an ospf node but should be the least preferred one to take routing decision.

     

    • ganesh_31408's avatar
      ganesh_31408
      Icon for Nimbostratus rankNimbostratus
      Mar 25, 2019

      Yeah, the design is actually like this, the KB article does mention that it should not be configured ad DR/BDR but there are no official reasons mentioned. Also, please comment in my recently posted question if you have idea.

       

  • Amy003_314955's avatar
    Amy003_314955
    Icon for Cirrus rankCirrus
    Mar 24, 2019

    Why would you like your F5 device to do what a router/L3 switch can do ? Configuring F5 to route the traffic for OSPF would require it to have different tables on it, but F5 has not been specifically configured for it. It can participate as an ospf node but should be the least preferred one to take routing decision.

     

    • ganesh_31408's avatar
      ganesh_31408
      Icon for Nimbostratus rankNimbostratus
      Mar 25, 2019

      Yeah, the design is actually like this, the KB article does mention that it should not be configured ad DR/BDR but there are no official reasons mentioned. Also, please comment in my recently posted question if you have idea.

       

  • Amresh008's avatar
    Amresh008
    Icon for Nimbostratus rankNimbostratus
    Mar 24, 2019

    Why would you like your F5 device to do what a router/L3 switch can do ? Configuring F5 to route the traffic for OSPF would require it to have different tables on it, but F5 has not been specifically configured for it. It can participate as an ospf node but should be the least preferred one to take routing decision.

     

    • ganesh_31408's avatar
      ganesh_31408
      Icon for Nimbostratus rankNimbostratus
      Mar 25, 2019

      Yeah, the design is actually like this, the KB article does mention that it should not be configured ad DR/BDR but there are no official reasons mentioned. Also, please comment in my recently posted question if you have idea.

       

  • Surgeon's avatar
    Surgeon
    Ret. Employee
    Mar 24, 2019

    Being DR and BDR will force bigip device to maintain OSPF network and be responsible for LSAs advertisements. This will increase CPU and network load on big-ip with services which big-ip boxes are not designed for. Big-ip device is not router even if it can participate in the routing process.