Auto Last Hop is a nice feature in F5 LTM

Auto Last Hop is a nice feature in F5 LTM
0

When you have firewalls in front of F5, any asymmetric routing will cause the traffic drop by the firewalls.

For an example, multiple uplinks with one default gateway without auto last hop will send all traffic via the default gateway, this is not desiable in an environment with firewalls. Auto last hop sovles this with routing based on layer 2.

It IS a nice feature! Want to add a few recommendations too:


Just be careful as it's not a catch all solution. I in the lab environment auto last hop made it possible to monitor the F5, but until an actual default route was implemented we got weird errors on and off.


Also, if your firewall is using GARP as failover the F5 unit would continue sending packets via virtual forwarding servers to the previously active Firewall in case of failover. That one was a tricky one to find! :)