How to pass 802.1q tagged frames from Vmware switch to BIG-IP VE F5

Scenario

You want to create a 802.1q trunk between a VMware switch and the F5 VE appliance in order to be able to pass multiple vlans over that link.

Solution

  • In VMware Vsphere add a new portgroup with the tag 4095 (all) to pass tagged frames to the F5. This way the F5 will take the tags off and forward traffic to relevant VLANs .This is also know as VGT (Virtual Guest Tagging) where the VM will remove the VLAN tags instead of the vSwitch.

 

  • Then add this new interface to the F5 VE. I put a link to the F5 article on adding interfaces to the VE appliance in the References section. You need to power off the F5 VM in order to do this.

 

  • On the F5 configure a VLAN10 interface and then add the new interface created in the above step as ‘Tagged’. Remember to use a correct tag number which corresponds to the Vlan number on the vswitch where the servers are located.

  • Create a Self IP for the VLAN10.

Result

 

Now you are able to ping from a machine located on VLAN10 to the Self IP on the F5 VE. Further step is to add more VLANs and Self IPs as the F5 is now able to deal with tagged frames coming from the Vswitch.

 

Refererences:

https://support.f5.com/csp/article/K12149

 

Leave a Reply

Your email address will not be published.