• Case Management

Subscriptions

Product usage, registration keys.

  • BIG-IP 14.x
  • BIG-IP 13.x
  • BIG-IP 12.x
  • BIG-IP 11.x

Activate F5 product registration key

Verify the proper operation of your BIG-IP system

Get up to speed with free self-paced courses

Join the community of 300,000+ technical peers

Advance your career with F5 Certification

Product Manuals and Release notes

  • Knowledge Centers
  • BIG-IP TMOS: Routing Administration

Applies To:

  • 11.6.5 , 11.6.4 , 11.6.3 , 11.6.2 , 11.6.1

BIG-IP Analytics

Big-ip link controller, introduction to big-ip system interfaces.

A key task of the BIG-IP system configuration is the configuration of BIG-IP system interfaces. The interfaces on a BIG-IP system are the physical ports that you use to connect the BIG-IP system to other devices on the network. These other devices can be next-hop routers, Layer 2 devices, destination servers, and so on. Through its interfaces, the BIG-IP system can forward traffic to or from other network devices.

Every BIG-IP system includes multiple interfaces. The exact number of interfaces that you have on the BIG-IP system depends on the platform type.

A BIG-IP system has two types of interfaces:

Each of the interfaces on the BIG-IP system has unique properties, such as the MAC address, media speed, duplex mode, and support for Link Layer Discovery Protocol (LLDP).

In addition to configuring interface properties, you can implement a feature known as interface mirroring , which you can use to duplicate traffic from one or more interfaces to another. You can also view statistics about the traffic on each interface.

Once you have configured the properties of each interface, you can configure several other features of the BIG-IP system that control the way that interfaces operate. For example, by creating a virtual local area network (VLAN) and assigning interfaces to it, the BIG-IP system can insert a VLAN ID, or tag, into frames passing through those interfaces. In this way, a single interface can forward traffic for multiple VLANs.

About link layer discovery protocol

The BIG-IP system supports Link Layer Discovery Protocol (LLDP). LLDP is a Layer 2 industry-standard protocol (IEEE 802.1AB) that enables a network device such as the BIG-IP system to advertise its identity and capabilities to multi-vendor neighbor devices on a network. The protocol also enables a network device to receive information from neighbor devices.

LLDP transmits device information in the form of LLDP messages known as LLDP Data Units (LLDPDUs). In general, this protocol:

  • Advertises connectivity and management information about the local BIG-IP device to neighbor devices on the same IEEE 802 LAN.
  • Receives network management information from neighbor devices on the same IEEE 802 LAN.
  • Operates with all IEEE 802 access protocols and network media.

Using the BIG-IP Configuration utility or tmsh , you can configure the BIG-IP system interfaces to transmit or receive LLDPDUs. More specifically, you can:

  • Specify the exact content of LLDPDUs that a BIG-IP system interface transmits to a neighbor device. You specify this content by configuring the LLDP Attributes setting on each individual interface.
  • Globally specify the frequencies of various message transmittal properties, and specify the number of neighbors from which each interface can receive messages. These properties apply to all interfaces on the BIG-IP system.

This figure shows a local LLDP-enabled BIG-IP system, configured to both transmit and receive LLDP messages from neighbor devices on a LAN.

A local BIG-IP system that transmits and receives LLDPDUs

Interface properties

Each interface on the BIG-IP system has a set of properties that you can configure, such as enabling or disabling the interface, setting the requested media type and duplex mode, and configuring flow control. Configuring the properties of each interface is one of the first tasks you do after running the Setup utility on the BIG-IP system. While you can change some of these properties, such as media speed and duplex mode, you cannot change other properties, such as the media access control (MAC) address.

Before configuring interface properties, it is helpful to understand interface naming conventions. Only users with either the Administrator or Resource Administrator user role can create and manage interfaces.

Interface naming conventions

By convention, the names of the interfaces on the BIG-IP system use the format <s>.<p> where s is the slot number of the network interface card (NIC), and p is the port number on the NIC. Examples of interface names are 1.1 , 1.2 , and 2.1 . BIG-IP system interfaces already have names assigned to them; you do not explicitly assign them.

An exception to the interface naming convention is the management interface, which has the special name, MGMT.

About interface information and media properties

Using the BIG-IP Configuration utility, you can display a screen that lists all of the BIG-IP system interfaces, as well as their current status ( UP or DOWN ). You can also view other information about each interface:

  • MAC address of the interface
  • Interface availability
  • Media speed
  • Active mode (such as full)

This information is useful when you want to assess the way that a particular interface is forwarding traffic. For example, you can use this information to determine the specific VLANs for which an interface is currently forwarding traffic. You can also use this information to determine the speed at which an interface is currently operating.

Interface state

You can either enable or disable an interface on the BIG-IP system. By default, each interface is set to Enabled, where it can accept ingress or egress traffic. When you set the interface to Disabled, the interface cannot accept ingress or egress traffic.

Fixed Requested Media

The Fixed Requested Media property shows that the interface auto-detects the duplex mode of the interface.

About flow control

You can configure the way that an interface handles pause frames for flow control. Pause frames are frames that an interface sends to a peer interface as a way to control frame transmission from that peer interface. Pausing a peer’s frame transmissions prevents an interface’s First-in, First-out (FIFO) queue from filling up and resulting in a loss of data. Possible values for this property are:

About the Ether Type property

The Ether Type property appears in the BIG-IP Configuration utility only when the system includes ePVA hardware support. An ether type is a two-octet field in an Ethernet frame, used to indicate the protocol encapsulated in the payload. The BIG-IP system uses the value of this property when an interface or trunk is associated with a IEEE 802.1QinQ (double tagged) VLAN. By default, the system sets this value to 0x8100 .

About the LLDP property

The LLDP property is one of two properties related to LLDP that you can configure for a specific interface. The possible values for this setting are:

In addition to the LLDP-related settings that you can configure per interface, you can configure some global LLDP settings that apply to all interfaces on the system.

Moreover, you can view statistics pertaining to any neighbor devices that have transmitted LLDP messages to the local BIG-IP system.

LLDP Attributes

The LLDP Attributes setting is one of two settings related to LLDP that you can configure for a specific interface. You use this interface setting to specify the content of an LLDP message being sent or received. Each LLDP attribute that you specify with this setting is optional and is in the form of Type, Length, Value (TLV).

About interface mirroring

For reliability reasons, you can configure a feature known as interface mirroring. When you configure interface mirroring , you cause the BIG-IP system to copy the traffic on one or more interfaces to another interface that you specify. By default, the interface mirroring feature is disabled.

Neighbor settings

When a BIG-IP system interface receives LLDP messages from neighbor devices, the BIG-IP system displays chassis, port, and system information about the content of those messages. Specifically, the system displays values for the standard TLVs for each neighbor. These TLVs are:

Configuring settings for an interface

  • On the Main tab, click Network > Interfaces > Interface List . The Interface List screen displays the list of interfaces on the system.
  • In the Name column, click an interface number. This displays the properties of the interface.
  • For the State setting, verify that the interface is set to Enabled .
  • From the LLDP list, select a value.
  • For the LLDP Attributes setting, verify that the list of attributes in the Send field includes all Time Length Values (TLVs) that you want the BIG-IP system interface to send to neighbor devices.
  • Click the Update button.

Related configuration tasks

After you have configured the interfaces on the BIG-IP system, one of the primary tasks you perform is to assign those interfaces to the virtual LANs (VLANs) that you create. A VLAN is a logical subset of hosts on a local area network (LAN) that reside in the same IP address space. When you assign multiple interfaces to a single VLAN, traffic destined for a host in that VLAN can travel through any one of these interfaces to reach its destination. Conversely, when you assign a single interface to multiple VLANs, the BIG-IP system can use that single interface for any traffic that is intended for hosts in those VLANs.

Another powerful feature that you can use for BIG-IP system interfaces is trunking, with link aggregation. A trunk is an object that logically groups physical interfaces together to increase bandwidth. Link aggregation, through the use of the industry-standard Link Aggregation Control Protocol (LACP), provides regular monitoring of link status, as well as failover if an interface becomes unavailable.

Finally, you can configure the BIG-IP system interfaces to work with one of the spanning tree protocols (STP, RSTP, and MSTP). Spanning tree protocols reduce traffic on your internal network by blocking duplicate routes to prevent bridging loops.

Have a Question?

  • Corporate Information
  • Investor Relations
  • About AskF5
  • Certification
  • F5 University
  • Free Online Training
  • Support Portal
  • Partner Central

Support Tasks

  • Read Support Policies
  • Create Service Request
  • Leave feedback [+]

©2023 F5 Networks, Inc. All rights reserved.

Network & Security Consultant

Learn from network & security consultant, friday, april 3, 2020, how the mac address assignment works in f5.

  • Share This:  
  •  Facebook
  •  Twitter
  •  Google+
  •  Stumble

3 comments:

f5 mac address assignment

Good work kareem, keep doing this work

f5 mac address assignment

Great work !!! Keep going on....

Great work Kareem

Do Not Copy Content

Follow me on linkedin.

  • Terms & Conditions
  • PRIVACY Page

Popular Posts

' border=

  • Differences between IKEv1 and IKEv2 Differences between IKEv1 and IKEv2 --> IKEv2 is an enhancement to IKEv1. --> IKEv2 does not consume more bandwidth compared to I...

' border=

  • What is the difference between VSS and vPC? Basically VSS and Vpc both are used to create multi chasis etherchannel 1) vPC is Nexus switch specific feature,however,VSS is created u...
  • What is DHCP Option 43 and Option 60 --> We basically use DHCP option 43 and option 60 in wireless networks for Access  Points and Controllers. --> Option 43 helps an A...

' border=

  • Data Center
  • Interview Questions
  • Troubleshooting

f5 mac address assignment

K50122514: Interface mac address may change when software upgrade is performed.

Description After upgrading the BIGIP software, MAC address of interface changes, which can cause the neighboring devices to fail to respond to ARP requests initiated by BIGIP unless the ARP cache is cleared on neighboring devices such as eBGP router. 

Environment

  • Software Upgrade

Cause Each BIG-IP system has a pool of available MAC addresses that can be assigned to interfaces, trunks, and Virtual Local Area Networks (VLANs). Interface MAC assignment may change after the upgrade, restart, or restarting the mcpd process, this behaviour is by design. 

Recommended Actions

You may either restart the device or clear the ARP cache on the upstream devices. 

Additional Information The below example explains how the MAC address changes after upgrade. 

Related Content

sys mac-address ¶

Forum Discussion

Icon for Nimbostratus rank

Get MAC address of client machine

Icon for Cirrostratus rank

Related Content

F5 big-ip access policy manager (apm) machine tunnels for windows, apm custom address space by client ip, restricting access to virtual from client ip address in x-forwarder-for http header, zero trust building blocks - machine identity management (mim) and workload protection, filtering traffic based on client ip address and url, recent discussions, direct connect 2 rseries, f5access | macos sonora, rewrite single cookie "usercookie" domain if cookie domain is "www1.test,example.com", ssl handshake failed, apm: basic sso is failing now and then.

[EX] Explanation of MAC address assignments in a Virtual Chassis

This article explains the assignments of MAC addresses for Layer 2 Access/Trunk interfaces, Layer 3 interfaces and aggregated interfaces in a Virtual Chassis environment.

MAC address of chassis:

Fpc0 is the primary routing engine, four rvis configured on the switch:, mac address of rvis are constant for all rvis. the calculation of the rvi mac address is base mac address of primary routing engine + 1 :, six access ports (3 on each member), e.g., ge-0/0/0, ge-1/0/0, ge-0/0/1, ge-1/0/1, ge-0/0/2 and ge-1/0/2, and mapped vlans with their respective interfaces:, layer 2 interfaces and their mac address assignment is on the basis of the local chassis mac address..

Their current and hardware address is same for that particular interface. Two trunk interfaces are configured, which was mapped for all VLANs, e.g. ge-0/0/3, ge-0/0/4, ge-1/0/3 and ge-1/0/4.

The MAC address of trunk interfaces is derived from local chassis MAC address.

The current mac address of the l3 physical interface is derived from the primary routing engine..

The hardware address is the local port address of the switch on the Virtual Chassis. On the Virtual Chassis, two L3 physical interfaces have the same MAC address, for example: ge-0/0/6 has the same current MAC address as ge-1/0/6. Two aggregated interfaces are configured (2 physical interfaces in 1 bundle):

The aggregated interfaces have the MAC address from the Primary Routing Engine, and the hardware MAC address is a child interface MAC address. If you configure an aggregated interface as a L3, it has the same behavior as above.

2021-03-25: Updated the article terminology to align with Juniper's Inclusion & Diversity initiatives.

AFFECTED PRODUCT SERIES / FEATURES

People also viewed.

MAC Address Lookup

Find the vendor name of a device by entering an OUI or a MAC address

What does it do?

MACLookup provides an easy way to search for MAC address prefixes and matches them to the chipset's manufacturer. It uses the IEEE database.

We update MAC address lookup database as soon as we have new information from the IEEE database and Wireshark manufacturer database. There are more than 51K MAC address prefixes in the database. The database was last updated on 19 March 2024

For each search, you will always have the most accurate manufacturer, vendor or organization data, without having to worry about updating a database. You can freely download the database here

The public Rest API is available for free and provides a powerful tool for retrieving detailed vendor information about any MAC address or OUI. With this API, you can seamlessly integrate MAC address and OUI lookup functionality into your applications, services, or systems. More info...

  • MA-L : 35272 (68.9%)
  • MA-M : 5225 (10.2%)
  • MA-S : 5917 (11.5%)
  • CID : 181 (0.3%)
  • IAB : 4578 (9.1%)

Latest OUIs registered

Latest ouis modified.

Forum Discussion

Icon for Nimbostratus rank

MAC address of Floating IP address /Self IP address

Icon for Noctilucent rank

Related Content

Decoding the ipv4 address from the persistence cookie, csv to address external datagroup file, snat ip address logging, destination address at f5, virtual address from address list is down after assignment to vs, recent discussions, direct connect 2 rseries, f5access | macos sonora, rewrite single cookie "usercookie" domain if cookie domain is "www1.test,example.com", ssl handshake failed, apm: basic sso is failing now and then.

IMAGES

  1. Basics of MAC Addressing

    f5 mac address assignment

  2. f5 BIG IP

    f5 mac address assignment

  3. Introduction of MAC Address in Computer Network

    f5 mac address assignment

  4. Switch Mac Basis. Switch Mac Address Table Basis

    f5 mac address assignment

  5. How to Find MAC Address on Windows 11 in 2022

    f5 mac address assignment

  6. How to find MAC address of router?

    f5 mac address assignment

VIDEO

  1. Mth645 fuzzy logic and applications quiz 2 with full explanation

  2. 😁😁 MAC ADDRESS CHANGED

  3. News Analysis Assignment

  4. VIDEO 03 : IWLAN IP Address Assignment

  5. Add roles: DHCP Server

  6. Tally ERP.9 Part-14

COMMENTS

  1. MAC address assignment for interfaces, trunks, and VLANs (11 ...

    MAC address assignment for interfaces. The BIG-IP system assigns a MAC address from the pool to each interface, including the management interface and hidden interfaces. However, switch interfaces use their assigned MAC address only for L2 protocols (STP, LACP, etc.). The BIG-IP system uses the MAC address of the VLAN to pass L3 or above traffic.

  2. MAC address assignment in VELOS and rSeries systems

    Topic This article applies to VELOS and rSeries systems. For information about other BIG-IP platforms, refer to: K14513: MAC address assignment for interfaces, trunks, and VLANs (11.x and later) Description Overview of the pool of available MAC addresses MAC address assignment in tenants Overview of the pool of available MAC addresses Each VELOS and rSeries platform has a pool of available MAC ...

  3. MAC address assignment for interfaces, trunks, and VLANs (9.x

    K12362: VIPRION systems may assign an all-zero MAC address to a VLAN when the vlan.assignment DB variable is set to global. If your BIG-IP system assigns a VLAN with an all-zero MAC address or null, but is not affected by the issues described in SOL11200 or SOL12362, contact F5 Technical Support for further assistance. Contact Support ...

  4. Self IP addresses and MAC addresses

    For each self IP address that you create for a VLAN, the BIG-IP ® system automatically assigns a media access control (MAC) address. As an alternative, you can globally configure the BIG-IP system to assign the same MAC address to all VLANs. This feature is useful if your network includes a type of switch that does not keep a separate Layer 2 ...

  5. MAC address assignment in F5

    Hi, Is there an updated article on the mac-address assignments of F5? This link doesn't seem to work...

  6. VLANs VLAN Groups and VXLAN

    Each VLAN has a MAC address. The MAC address of a VLAN is the same MAC address of the lowest-numbered interface assigned to that VLAN. The BIG-IP system supports two methods for sending and receiving messages through an interface that is a member of one or more VLANs. These two methods are port-based access to VLANs and tag-based access to VLANs.

  7. MAC address assignment and shared MAC addresses on FirePass ...

    TopicOn some FirePass platforms, the Media Access Control (MAC) address of each network interface is unique. On other FirePass platforms, two or more network interfaces share a single MAC address. When deploying a FirePass platform that uses a shared MAC address, extra planning is required to ensure that traffic routes properly to the FirePass controller.

  8. Interfaces

    You can use this procedure to configure the settings for an individual interface on the BIG-IP system. On the Main tab, click Network > Interfaces > Interface List. The Interface List screen displays the list of interfaces on the system. In the Name column, click an interface number.

  9. Configuring MAC masquerade (11.x

    Topic This article applies to BIG-IP 11.x through 17.x. For information about other versions, refer to the following article: K7214: Configuring MAC masquerade (9.x - 10.x) Purpose You should consider using this procedure under the following conditions: You want to minimize Address Resolution Protocol (ARP) communication or dropped packets during traffic group failover events.

  10. Mac address

    The solution article entitled K14513: MAC address assignment for interfaces, trunks, and VLANs should provide most of the information you need about determining the MAC addresses for a BIG-IP system. ... MAC address assignment in F5. Dec 22, 2022 kristine_v. F5 apm on mac os resolve.conf patch. Dec 26, 2022 Booli. MAC Masquerade.

  11. Section 1

    A media access control address (MAC address) is a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment. This use is common in most IEEE 802 networking technologies, including Ethernet, Wi-Fi, and Bluetooth.

  12. How the MAC address assignment works in F5?

    tmsh list /sys db vlan.macassignment. --> To check the MAC addresses assigned to the interface/VLAN/Trunk on the BIG IP System then execute the following command: tmsh show sys mac-address. --> To check the MAC address assigned to each VLAN by typing the following command: tmsh show net vlan. --> We can configure the above setting using GUI ...

  13. Interface mac address may change when software upgrade is performed

    Environment Software Upgrade MAC Cause Each BIG-IP system has a pool of available MAC addresses that can be assigned to interfaces, trunks, and Virtual Local Area Networks (VLANs). Interface MAC assignment may change after the upgrade, restart, or restarting the mcpd process, this behaviour is by design. Recommended Actions You may either ...

  14. sys mac-address

    MODULE sys SYNTAX Display the MAC addresses associated with a BIG-IP system configuration using the syntax in the following section. DISPLAY show mac-address options: field-fmt DESCRIPTION You can use the mac-address component to display the location on the BIG-IP system of the MAC addresses associated with a configuration object.

  15. Get MAC address of client machine

    Get MAC address of client machine. Hello, I am trying to get the MAC address of client machines that connect. These are windows 10 OS and we are using the BIG-IP APM version 13.0.1. I have tried assigning a variable in the access policy to get the MAC and log it in the session log. I have also tried coming up with and iRule that doesn't work.

  16. [EX] Explanation of MAC address assignments in a Virtual Chassis

    The hardware address is the local port address of the switch on the Virtual Chassis. On the Virtual Chassis, two L3 physical interfaces have the same MAC address, for example: ge-0/0/6 has the same current MAC address as ge-1/0/6. Two aggregated interfaces are configured (2 physical interfaces in 1 bundle): AE0 ge-0/0/10 Current address: 2c:6b ...

  17. MAC Address Vendor Lookup

    We update MAC address lookup database as soon as we have new information from the IEEE database and Wireshark manufacturer database. There are more than 51K MAC address prefixes in the database. The database was last updated on 14 March 2024 Data. For each search, you will always have the most accurate manufacturer, vendor or organization data ...

  18. address MAC

    MAC address assignment in F5. Dec 22, 2022 kristine_v. Decoding the IPv4 address from the persistence cookie. Nov 09, 2023 JRahm. SNAT IP address logging. Jun 14, 2023 JohnnyG. CBC ciphers in relation to RFC7366 Encrypt-then-MAC. May 16, 2023 Stefan_Klotz.

  19. MAC address of Floating IP address /Self IP address

    If you have mac-masquerade configured, it will use the mac assigned to the floating self-IP's traffic group: tmsh list cm traffic-group traffic-group-1 mac. Otherwise, it should take on the mac-address associated with its vlan: tmsh show net self (name of floating-ip) If neither of those work for you, go to a device in the same subnet as the ...