F5 10000 Series, LTM - External Interface not comunicating - up on switch, up on F5 interface

On, a secondary standby LTM I am trying to configure.. the external interface shows as up, the switch it is connected to shows as up/up... however the cisco switch doesn't show the mac of the F5 in it's table and the ARP shows up as unresolved, incomplete, or just not there at all.

I tried just about everything I can think of, switch out sfps, changed interfaces, hardcoded everything, set everything on the switch and the F5 interface to exaclty the settings as another 10000 series that is working just fine... no matter what I have done so far, I can't get that port to pass traffic. According to the stats the F5 has inbound but no outbound traffic. The switch shows in and out traffic but no mac for the switch interface...

route is same to the gateway address. to GW Address which was pushed from the primary.

The primary works fine, I can ping the self ip, floating ip, and vs ip. If I fail it over to the secondary, I can't ping the floating or the vs address either. same vlan and tagged with the correct switch vlan id.

Any Ideas? This has got me stumped!
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

dcawoodAuthor Commented:
Correction... The F5 Interface statistics show in and out traffic with all inbound traffic being dropped
Are you using VLAN's?  If so is the traffic tagged, or at least supposed to be tagged?

I know if you configure the F5 to have tagged traffic and the traffic comes in either untagged, or with a different VLAN the F5 will drop it.
dcawoodAuthor Commented:
Hey, both F5's are connected to the same switch. Both interfaces are configured for switchport access vlan xxx. The external interface is on both F5's are tagged xxx. The primary doesn't drop any traffic yet the secondary drops all inbound traffic.
I would run a packet capture on the physical interface (tcpdump -i #.#, where #.# is the nubber of the physical interface) of the secondary and see what it thinks is coming in.

I know we had a ton of drops on one of our interfaces where we were using tagged frames.  What we found is that the switch was setup to allow VLAN's that the F5 was not configured for, so the F5 was  dropping all of the frames for the "unknown" VLAN's.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
dcawoodAuthor Commented:
You pointed me on the right track. I had the F5 interface set to untagged which should have worked and worked fine on the primary. To fix it, I changed the cisco switchport to trunk with just that vlan allowed and switched the F5 interface to tagged and all is good now Thanks, DC
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.