Forum Discussion

Mark_Cloutier's avatar
Mark_Cloutier
Icon for Nimbostratus rankNimbostratus
Jul 29, 2013

Disabling interface on LTM VE

In preparation for importing the config from my physical boxes that the VE is replacing (tested out the physicals in my test network, prior to sending them to my DR datacenter) I wanted to disable the external interface so as to not have arp/duplicate ip conflicts. I found that after disabling the interface (1.2 in my case) I could still ping the self ip associated with that interface, and when I added a virtual server that matched one from my physical boxes, sure enough, it answered an arp and starting taking the traffic. The only way I could actually stop this from happening was to go into VMware and disconnect the network from the VM. Is that the expected behavior? This is a fully licensed LTM VE, with ASM licensed as an add on.

 

Mark

 

config
design

7 Replies

Sort By
  • Michael_Yates's avatar
    Michael_Yates
    Icon for Nimbostratus rankNimbostratus
    Jul 30, 2013
    Hi Mark,

     

     

    I tested what you are experiencing on my VE (v10.2.4 - HF 7) and experienced the same issue. Self-IP Addresses still responded as well as the Virtual Servers.

     

     

    I would suggest opening up a case with F5 and reporting the issue. I would be interested in what they say (and what the corrective action should be).
  • kridsana's avatar
    kridsana
    Icon for Cirrocumulus rankCirrocumulus
    Jul 30, 2013
    I think it's expected behavior. because interface in VE is virtual interface (it's always on).

     

     

    please correct me If i'm wrong. Thank you
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Jul 30, 2013
    is it this known issue?

     

     

    sol12695: Disabling a TMM interface on BIG-IP LTM Virtual Edition or BIG-IP APM Virtual Edition does not cause the interface to go down and stop processing traffic

     

    http://support.f5.com/kb/en-us/solutions/public/12000/600/sol12695.html
  • Mark_Cloutier's avatar
    Mark_Cloutier
    Icon for Nimbostratus rankNimbostratus
    Jul 30, 2013

    Yes Nitass, that describes it exactly. I'll be upgrading today, so I'll be able to check whether it is in fact the same issue as the SOL says it was fixed in version 11.3

     

  • Mark_Cloutier's avatar
    Mark_Cloutier
    Icon for Nimbostratus rankNimbostratus
    Jul 30, 2013
    Worked as advertised :) I did have bump up my VE memory to 8 Gig as I am running LTM and ASM, but after rebooting in v 11.3, the external vlan interface reconnected in Vsphere, but remained disabled in TMM, and the self ips no longer answer pings.
  • Mark_Cloutier's avatar
    Mark_Cloutier
    Icon for Nimbostratus rankNimbostratus
    Aug 07, 2013
    Further update.... although the interface is shown as down, and pings to self ips or to virtual servers do not respond, those virtual servers do answer arps even though the interface is supposedly down :( That means a lot more work in prepping for a migration from the physical pair to the new virtual. Basically I have to disable all the virtual addresses, and configure them not to answer an arp, whereas I had hoped that the migration would be as simple as disabling the external vlan interfaces on the physicals, and enable it on the virtual. Guess I still have to go thru the vi client interface to completely disconnect that interface....