F5OS-A 1.3.0 - Virtual Wire Support on r-series R5000 and R10000¶
Feature Overview¶
A virtual-wire can be used to forward traffic between two interfaces, typically both with the same 802.1q tag. This allows the user to insert the BIG-IP as a “bump in the wire” and process traffic at Layer 2 without introducing any of the complexity required to operate at the Layer 3 (IP layer). For example, you might want to insert a BIG-IP to use SSLO to direct traffic to and/or through a variety of security services such as Intrusion Prevention Systems (IPS) without altering the IP architecture of the network.
Virtual Wire is now supported on VELOS r-Series appliances using F5OS-A 1.3.0 for tenants using BIG-IP version 15.1.8.
In order for tenants on R-Series appliances to use Virtual Wires, those Virtual Wires must first be created on the R-Series controllers hosting the tenants.
Features¶
| Feature | 15.x |
|---|---|
| Dynamic VLAN | Supported |
| Tagged VLAN | Supported |
| Untagged VLAN (using Native VLAN) | Supported |
| Static Trunk | Supported |
| LACP Trunk | Supported |
| LACP Passthrough | Not Supported |
| Link State Propagation | Not Supported |
| Self IP | Not Supported |
| STP,LLDP,OSPF,BFD,BGP | Supported (OSPF Issues observed) |
| Q-in-Q(Double tagging) | Not Supported |
| HA | Supported with limitations on CBIP (Fast L4 and MAC Flaps issues observed) |
| Asymmetric Usecases | Supported |
Customer use case example¶
A customer wants to use Virtual Wire on a tenant running on an R-Series appliance to provide SSLO or other security related services without changing the network routing configuration.
CLI / TMSH commands¶
Be sure to login as a user equivalent to the ‘admin’ user in order to have access to the Operational and Configuration modes. Alternatively, log in as a standard user with bash access and the ability to run the ‘su admin’ command.
You can add a virtual wire to a running tenant. To add an existing virtual-wire “myvirtualwire2” to an existing tenant affeld1518-2, in config mode run the following command:
appliance-1(config)# tenants tenant affeld1518-2 config virtual-wires [ myvirtualwire2 ]
GUI¶
In the VELOS Controller UI, navigate to Network settings and select Virtual Wire
Add a Virtual Network.
Select the Mode “virtual-wire” and the appliance Interfaces to include in the virtual network.
Now you can create the Virtual Wire using the Virtual Network you just created.
Once the Virtual Wire is created, you can add it to a tenant.
On the tenant, we see the virtual wire is available for us to use.
New / Updated statistics¶
None.
New/Updated Logs¶
None
Licensing, Provisioning, and other Requirements¶
None
Troubleshooting/Is it working or is it failing?¶
If the virtual wire appears in the tenant’s list of virtual wires (Network >> Virtual Wire), it’s a good sign.The user should not have to do anything to make the virtual wire appear on the tenant.