Manual Chapter: Interfaces
A key task of the BIG-IP® system configuration is the configuration of BIG-IP system interfaces. The interfaces on a BIG-IP system are the physical ports that you use to connect the BIG-IP system to other devices on the network. These other devices can be next-hop routers, Layer 2 devices, destination servers, and so on. Through its interfaces, the BIG-IP system can forward traffic to or from other network devices.
Note: Throughout this guide, the term interface refers to the physical ports on the BIG-IP system.
Every BIG-IP system includes multiple interfaces. The exact number of interfaces that you have on the BIG-IP system depends on the platform type. For information on BIG-IP platform types, see the relevant platform guide.
A management interface
The management interface is a special interface dedicated to performing a specific set of system management functions.
TMM switch interfaces
TMM switch interfaces are those interfaces that the BIG-IP system uses to send or receive application traffic, that is, traffic slated for application delivery.
Each of the interfaces on the BIG-IP system has unique properties, such as the MAC address, media speed, duplex mode, and support for Link Layer Discovery Protocol (LLDP).
In addition to configuring interface properties, you can implement a feature known as interface mirroring, which you can use to duplicate traffic from one or more interfaces to another. You can also view statistics about the traffic on each interface.
Once you have configured the properties of each interface, you can configure several other features of the BIG-IP system that control the way that interfaces operate. For example, by creating a virtual local area network (VLAN) and assigning interfaces to it, the BIG-IP system can insert a VLAN ID, or tag, into frames passing through those interfaces. In this way, a single interface can forward traffic for multiple VLANs.
To configure and manage BIG-IP system interfaces, log in to the BIG-IP Configuration utility, and on the Main tab, expand Network, and click Interfaces.
The BIG-IP system supports Link Layer Discovery Protocol (LLDP). LLDP is a Layer 2 industry-standard protocol (IEEE 802.1AB) that enables a network device such as the BIG-IP system to advertise its identity and capabilities to multi-vendor neighbor devices on a network. The protocol also enables a network device to receive information from neighbor devices.
LLDP transmits device information in the form of LLDP messages known as LLDP Data Units (LLDPDUs). In general, this protocol:
Advertises connectivity and management information about the local BIG-IP device to neighbor devices on the same IEEE 802 LAN.
Using the BIG-IP Configuration utility or tmsh, you can configure the BIG-IP system interfaces to transmit or receive LLDPDUs. More specifically, you can:
Specify the exact content of LLDPDUs that a BIG-IP system interface transmits to a neighbor device. You specify this content by configuring the LLDP Attributes setting on each individual interface.
Globally specify the frequencies of various message transmittal properties, and specify the number of neighbors from which each interface can receive messages. These properties apply to all interfaces on the BIG-IP system.
Figure 13.1 shows a local LLDP-enabled BIG-IP system, configured to both transmit and receive LLDP messages from neighbor devices on a LAN.
Each interface on the BIG-IP system has a set of properties that you can configure, such as enabling or disabling the interface, setting the requested media type and duplex mode, and configuring flow control. Configuring the properties of each interface is one of the first tasks you do after running the Setup utility on the BIG-IP system. While you can change some of these properties, such as media speed and duplex mode, you cannot change other properties, such as the media access control (MAC) address.
Note: Only users with either the Administrator or Resource Administrator user role can create and manage interfaces.
By convention, the names of the interfaces on the BIG-IP system use the format <s>.<p> where s is the slot number of the network interface card (NIC), and p is the port number on the NIC. Examples of interface names are 1.1, 1.2, and 2.1. BIG-IP system interfaces already have names assigned to them; you do not explicitly assign them.
Using the Configuration utility, you can display a screen that lists all of the BIG-IP system interfaces, as well as their current status (UP or DOWN). You can also view other information about each interface:
This information is useful when you want to assess the way that a particular interface is forwarding traffic. For example, you can use this information to determine the specific VLANs for which an interface is currently forwarding traffic. You can also use this information to determine the speed at which an interface is currently operating.
You can either enable or disable an interface on the BIG-IP system. By default, each interface is set to Enabled, where it can accept ingress or egress traffic. When you set the interface to Disabled, the interface cannot accept ingress or egress traffic.
The Fixed Requested Media property shows that the interface auto-detects the duplex mode of the interface.
You can configure the Flow Control property to manage the way that an interface handles pause frames for flow control. Pause frames are frames that an interface sends to a peer interface as a way to control frame transmission from that peer interface. Pausing a peer's frame transmissions prevents an interface's First-in, First-out (FIFO) queue from filling up and resulting in a loss of data. Possible values for this property are:
Pause None
Disables flow control.
Pause TX/RX
Specifies that the interface honors pause frames from its peer, and also generates pause frames when necessary. This is the default value.
Pause TX
Specifies that the interface ignores pause frames from its peer, and generates pause frames when necessary.
Pause RX
Specifies that the interface honors pause frames from its peer, but does not generate pause frames.
The LLDP property is one of two properties related to LLDP that you can configure for a specific interface. The possible values for this setting are:
Disabled
When set to this value, the interface neither transmits (sends) LLDP messages to, nor receives LLDP messages from, neighboring devices.
Transmit Only
When set to this value, the interface transmits LLDP messages to neighbor devices but does not receive LLDP messages from neighbor devices.
Receive Only
When set to this value, the interface receives LLDP messages from neighbor devices but does not transmit LLDP messages to neighbor devices.
Transmit and Receive
When set to this value, the interface transmits LLDP messages to and receives LLDP messages from neighboring devices.
The LLDP Attributes setting is one of two settings related to LLDP that you can configure for a specific interface. You use this interface setting to specify the content of an LLDP message being sent or received. Each LLDP attribute that you specify with this setting is optional and is in the form of Type, Length, Value (TLV).
Table 13.1 lists and describes the optional TLVs that the interface can send or receive in an LLDP message. Note that there are three mandatory TLVs, which are not listed here: Chassis ID, Port ID, and Time-to-Live (TTL).
Contains an alpha-numeric string that indicates the system's administratively-assigned name. The system name should be the system's fully qualified domain name (FQDN). If implementations support IETF RFC 3418, use the sysName object for this field.
Contains an alpha-numeric string that is the textual description of the network entity. The system description should include the full name and version identification of the system's hardware type, software operating system, and networking software. If implementations support IETF RFC 3418, use the sysDescr object for this field.
Identifies an address associated with the local LLDP agent used to reach higher layer entities, to assist discovery by network management. This TLV also provides room for the inclusion of the system interface number that is associated with this management address, if known.
Port VLAN ID (untagged VLAN ID)
Allows a VLAN bridge port to advertise the port's VLAN identifier (PVID) that is associated with untagged or priority tagged frames (see IEEE 802.1Q-1998, 8.4.4). This field is an optional, fixed-length TLV.
Allows a bridge port to advertise a port and protocol VLAN ID. The port and protocol VLAN ID field shall contain the PPVID number for this IEEE 802 LAN station. If the port is not capable of supporting port and protocol VLANs and/or the port is not enabled with any port and protocol VLAN, the PPVID number should be zero. This field is optional.
VLAN Name (complete list of tagged/untagged VLANs)
Allows an IEEE 802.1Q-compatible IEEE 802 LAN station to advertise the assigned name of any VLAN with which it is configured. The VLAN name field must contain the VLAN's name. If implementations support IETF RFC 2674, use the dot1QVLANStaticName object for this field. This field is optional.
Allows an IEEE 802 LAN station to advertise particular protocols that are accessible through the port. The protocol identity field must contain the first n octets of the protocol after the Layer 2 addresses (for example, starting with the Ethertype field) that the sender needs to advertise. The value of n is determined by the need for the protocol to disambiguate itself. The protocol information string must include enough octets to allow the receiver to correctly identify the protocol and its version. To advertise Spanning Tree protocols, for example, the Protocol Identity field must include at least eight octets: IEEE 802.3 length (two octets), LLC addresses (two octets), IEEE 802.3 control (one octet), Protocol ID (two octets), and the protocol version (one octet). This field is optional.
MAC/PHY Configuration Status
Indicates the maximum frame size capability of the implemented MAC and PHY. The maximum frame size field must contain an integer value indicating the maximum supported frame size in octets, as determined by the following:
If the MAC/PHY supports only the basic MAC frame format as defined in 3.1.1 of IEEE Std 802.3-2002, set the maximum frame size field to 1518.
If the MAC/PHY supports an extension of the basic MAC frame format for tagged MAC frames as defined in IEEE 802.3-2002, set the maximum frame size field to 1522.
If the MAC/PHY supports an extension of the MAC frame format that is different from either of the above, set the maximum frame size field to the maximum value supported.
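The TLV layout described above can be checked with a small parser when auditing what an interface actually advertises. This is an added example, not F5 code: it follows the IEEE 802.1AB header layout (7-bit type, 9-bit length), and the sample LLDPDU, host name and helper names are constructed for illustration.

```python
import struct

# Basic TLV types (IEEE 802.1AB); 0 is End of LLDPDU, 127 is organizationally specific.
BASIC = {1: "Chassis ID", 2: "Port ID", 3: "Time-to-Live", 4: "Port Description",
         5: "System Name", 6: "System Description", 7: "System Capabilities",
         8: "Management Address"}
# Type-127 TLVs named in the table above, keyed by (OUI, subtype).
IEEE_8021, IEEE_8023 = b"\x00\x80\xc2", b"\x00\x12\x0f"
ORG = {(IEEE_8021, 1): "Port VLAN ID", (IEEE_8021, 2): "Port and Protocol VLAN ID",
       (IEEE_8021, 3): "VLAN Name", (IEEE_8021, 4): "Protocol Identity",
       (IEEE_8023, 1): "MAC/PHY Configuration Status",
       (IEEE_8023, 4): "Maximum Frame Size"}

def tlv(tlv_type, value):
    """Encode one TLV: 7-bit type and 9-bit length in a 2-byte header."""
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value

def parse_lldpdu(data):
    """Return [(name, value)]; raise ValueError if the LLDPDU is malformed."""
    tlvs, off = [], 0
    while True:
        if off + 2 > len(data):
            raise ValueError("truncated header or missing End TLV")
        (hdr,) = struct.unpack_from("!H", data, off)
        tlv_type, length = hdr >> 9, hdr & 0x1FF
        value = data[off + 2:off + 2 + length]
        if len(value) != length:
            raise ValueError("TLV length runs past end of LLDPDU")
        off += 2 + length
        if tlv_type == 0:
            break
        if tlv_type == 127:
            if length < 4:
                raise ValueError("organizationally specific TLV too short")
            name = ORG.get((value[:3], value[3]), "Org-specific (unrecognized)")
            value = value[4:]  # strip OUI and subtype
        else:
            name = BASIC.get(tlv_type, f"Reserved type {tlv_type}")
        tlvs.append((name, value))
    if [n for n, _ in tlvs[:3]] != ["Chassis ID", "Port ID", "Time-to-Live"]:
        raise ValueError("mandatory TLVs missing or out of order")
    return tlvs

# Constructed sample LLDPDU (all values are made up for this example).
SAMPLE = b"".join([
    tlv(1, b"\x04" + bytes.fromhex("020000000001")),  # subtype 4: MAC address
    tlv(2, b"\x05" + b"1.1"),                          # subtype 5: interface name
    tlv(3, struct.pack("!H", 120)), tlv(5, b"bigip1.example.com"),
    tlv(127, IEEE_8021 + b"\x01" + struct.pack("!H", 4094)),
    tlv(127, IEEE_8023 + b"\x04" + struct.pack("!H", 1522)), tlv(0, b"")])
```

Everything after the first three entries returned by `parse_lldpdu` is an optional attribute, so the list shows exactly which details (system name, VLAN IDs, and so on) a port discloses to any device on the same LAN segment.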
For reliability reasons, you can configure a feature known as interface mirroring. When you configure interface mirroring, you cause the BIG-IP system to copy the traffic on one or more interfaces to another interface that you specify. By default, the interface mirroring feature is disabled.
Specifies one or more interfaces for which you want to mirror traffic on the destination interface.
In addition to the LLDP-related settings that you can configure per interface, you can configure some global LLDP settings that apply to all interfaces on the system.
Moreover, you can view statistics pertaining to any neighbor devices that have transmitted LLDP messages to the local BIG-IP system.
To configure these settings using the BIG-IP Configuration utility, locate the Main tab, expand Network, and click Interfaces. Then from the LLDP menu item, choose General or Neighbors.
To control the frequency of LLDP messages, you can configure the following settings. Note that these settings are global settings that apply to all interfaces on the system.
Table 13.3 lists and describes general settings that apply to all LLDP-enabled interfaces on the BIG-IP system.
The control to enable or disable LLDP for all interfaces on the BIG-IP system. The default value is Disabled.
A multiplier on the value of the Message Transmit Interval setting, used to compute the TTL value of txTTL.
The delay in seconds, after adminStatus becomes disable, before re-initialization is attempted.
The maximum number of neighbors from which each interface can receive messages. If the BIG-IP receives messages from more than 10 neighbors on one port, the system discards the messages, thus protecting the system from flooding (whether accidental or malicious).
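The TTL multiplier and the per-port neighbor cap can be modeled in a few lines. This is an added example, not BIG-IP code: the `NeighborTable` class, its discard policy and the simulated neighbor names are assumptions made for illustration, and `tx_ttl` uses the IEEE 802.1AB-2005 formula.

```python
def tx_ttl(tx_interval, tx_hold):
    """TTL placed in outgoing LLDPDUs: interval x multiplier, capped at 65535 s."""
    return min(65535, tx_interval * tx_hold)

class NeighborTable:
    """Per-port neighbor cache with a hard cap, keyed by (chassis ID, port ID)."""

    def __init__(self, max_neighbors=10):
        self.max_neighbors = max_neighbors
        self.expiry = {}       # (chassis_id, port_id) -> absolute expiry time
        self.discarded = 0     # messages dropped because the table was full

    def receive(self, chassis_id, port_id, ttl, now):
        """Process one received LLDPDU; return False if it was discarded."""
        # Age out neighbors whose advertised TTL has elapsed.
        self.expiry = {k: t for k, t in self.expiry.items() if t > now}
        key = (chassis_id, port_id)
        if ttl == 0:                       # TTL 0 announces shutdown
            self.expiry.pop(key, None)
            return True
        if key not in self.expiry and len(self.expiry) >= self.max_neighbors:
            self.discarded += 1            # new neighbor, table already full
            return False
        self.expiry[key] = now + ttl       # learn or refresh
        return True

def simulate_flood(n_unknown, max_neighbors=10):
    """Constructed scenario: one known neighbor, then many unknown identities."""
    table = NeighborTable(max_neighbors)
    table.receive("switch-a", "Gi0/1", tx_ttl(30, 4), now=0)
    for i in range(n_unknown):
        table.receive(f"unknown-{i:04d}", "p1", 65535, now=1)
    refreshed = table.receive("switch-a", "Gi0/1", tx_ttl(30, 4), now=30)
    return len(table.expiry), table.discarded, refreshed
```

The cap bounds memory use per port; it does not authenticate neighbors, so entries learned before the cap is reached still need to be reviewed in the neighbor statistics.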
When a BIG-IP system interface receives LLDP messages from neighbor devices, the BIG-IP system displays chassis, port, and system information about the content of those messages. Specifically, the system displays values for the standard TLVs for each neighbor. These TLVs are:
Chassis ID
Identifies the chassis containing the IEEE 802 LAN station associated with the transmitting LLDP agent.
Port ID
Identifies the port component of the media service access point (MSAP) identifier associated with the transmitting LLDP agent.
Port description
An alpha-numeric string that describes the interface.
System name
An alpha-numeric string that indicates the administratively-assigned name of the neighbor device.
System description
An alpha-numeric string that is the textual description of the network entity. The system description should include the full name and version identification of the hardware type, software operating system, and networking software of the neighbor device.
System capabilities
The primary functions of the system and whether these primary functions are enabled.
Management address
An address associated with the local LLDP agent used to reach higher layer entities. This TLV might also include the system interface number that is associated with the management address, if known.
Note that you can use the Auto Refresh setting to either automatically or manually refresh TLV information that the BIG-IP system receives from neighbor devices.
After you have configured the interfaces on the BIG-IP system, one of the primary tasks you perform is to assign those interfaces to the virtual LANs (VLANs) that you create. A VLAN is a logical subset of hosts on a local area network (LAN) that reside in the same IP address space. When you assign multiple interfaces to a single VLAN, traffic destined for a host in that VLAN can travel through any one of these interfaces to reach its destination. Conversely, when you assign a single interface to multiple VLANs, the BIG-IP system can use that single interface for any traffic that is intended for hosts in those VLANs.
Another powerful feature that you can use for BIG-IP system interfaces is trunking, with link aggregation. A trunk is an object that logically groups physical interfaces together to increase bandwidth. Link aggregation, through the use of the industry-standard Link Aggregation Control Protocol (LACP), provides regular monitoring of link status, as well as failover if an interface becomes unavailable.
Finally, you can configure your BIG-IP system interfaces to work with one of the spanning tree protocols (STP, RSTP, and MSTP). Spanning tree protocols reduce traffic on your internal network by blocking duplicate routes to prevent bridging loops. Chapter 17, Spanning Tree Protocols, describes the spanning tree protocols and the procedure for configuring these protocols on the BIG-IP system. The chapter also includes information on setting spanning tree-related properties on individual interfaces.