VMware Cloud Community
gregorytd
Contributor
Contributor
‎04-17-2019 12:43 PM

ESXi 6.7 Update 2 breaks F5 VE

Hi all,

After I updated to ESXi to 6.7 Update 2 from Update 1, my F5 Virtual Edition could not longer communicate on its SELF IPs.  I verified my configurations and everything looked good.  After preforming a rollback to ESX 6.7 Update 1 on one of my ESX hosts the F5 VE started working as expected again.

Anyone else have this issue or might understand why ESXi 6.7 Update 2 might break the SELF IPs?

I have a vSwitch configured using 2 physical NICs that are trunked and configured for ip hash. on that vSwitch a port group for All VLANS (ID 4095).  The F5 VE nics are assigned to that ALLv VLANs port group.  In the F5 the VLANs are set for tagged traffic with the VLAN number.  

This config above as mentioned has been working for 8 months until the Update 2 upgrade.

Any thoughts or should I roll back my other ESX host to Update 1?

This is an essential license and looks like I cannot open a support case.  This is just my lab environment so not terrible worried but would like Update 2 applied for the security vulnerabilities it fixes.

Thanks,

Greg

4 Replies
robvan3
Contributor
Contributor
‎04-22-2019 10:02 AM

I experienced the same issue.  The management port is the only port that stayed online.  Ports 1.1, 1.2, and 1.3 lost all connectivity at layer 1 or 2 as they would not respond to ARP requests.

0 Kudos
gregorytd
Contributor
Contributor
‎04-22-2019 01:51 PM

@robvan3 if you ssh to the F5 appliance you will notice that 1.1, 1.2, and 1.3 are up and initialized with the self IP, still not sure why traffic is not flowing.  I had tried setting the security modes for forged transmits and mac address changes to accept on the vSwitch but made no difference.  I also assigned 1.3 directly to a specific VLAN and changed the SELF-IP from tagged to untagged and issue still persisted.

Other than above, I have not had anymore time to troubleshoot it at the moment.

0 Kudos
raptorswithtoph
Contributor
Contributor
‎04-22-2019 02:58 PM

It looks like F5 VE is not supported for ESXi 6.7 U2 currently:

"ESXi 6.7 Update 2 is not currently supported."

BIG-IP Virtual Edition Supported Platforms

gregorytd
Contributor
Contributor
‎06-10-2019 07:08 AM

Workaround is here or upgrade F5 to version 15.0

https://support.f5.com/csp/article/K74921042

0 Kudos