CirrostratusRouting Domains, HA and wrong ARP entries
Hi,
I am new to F5 so sorry for any obvious questions. My setup is based on two LTM VE in Active-Passive config using 1.5.1 HF4. Two Routing Domains configured: default (ID0) with internal, external, HA, http-tunnel, socks-tunnel RD2 (ID1) with DMZ, Route2
internal use port 1.2 connected to separate VMWare port group (ESX) on both LTM VE with MAC address ending: bigip1 - 6c:d8 bigip2 - 68:f7
DMZ use port 1.4 connected to separate VMWare port group (ESX) on both LTM VE with MAC address ending: bigip1 - 4c:45 bigip2 - 32:75
Route2 is irrelevant for this issue
Self IP assigned internal: bigip1 - 10.128.50.102 bigip2 - 10.128.50.103 DMZ bigip1 - 10.128.50.102%1 bigip2 - 10.128.50.103%1
When doing ping from bigip1 CLI I can ping both internal and DMZ IP on bigip2 Problem is when looking into ARP cache on bigip1 After ping 10.128.50.103 and tmsh show net arp I can see: 10.128.50.103 10.128.50.103 00:50:56:a9:68:f7 /Common/internal 295 resolved That is OK as ping is using internal on bigip1 and response is from port 1.2 (internal) on bigip2
After ping 10.128.50.103%1 and tmsh show net arp I can see: 10.128.50.103%1 10.128.50.103%1 00:50:56:a9:68:f7 /Common/DMZ 264 resolved That is part I don't get. Ping is using DMZ on bigip1 but reply is from port 1.2 (internal) on bigip2 (68:f7). I expected to get reply from port 1.4 (DMZ) on bigip2 - 32:75
After creating floating IP 10.128.50.201 (internal) and 10.128.50.201%1 (DMZ) ping from bigip2 to both of those addresses is responded from internal port 1.2 on bigip1 (6c:d8), form me when 10.128.50.201%1 is pinged response should be from port 1.4 (DMZ) on bigip1 - 4c:45.
Is that normal behavior or something is messed up in my config or there is some bug in 1.5.1HF4?
Piotr
