Are 1.1 and 1.2 attached to the same VLAN, as defined on the BIG-IP? If they are not, then the BIG-IP should not switch traffic between them. Even if they are on a common VLAN, if there is a matching Virtual Server bound to the VLAN, that should handle the traffic (that is, the traffic should not be simply switched between interfaces).
In your diagram, you list a switch connected to 1.1 and a switch connected to 1.2. Naturally, if they are in fact the same switch (or are interconnected switches) and the client-side and server-side are on a common VLAN, then the traffic will never traverse the BIG-IP. I mean a topology like this:
CLIENT BIG-IP
| |
SWITCH ---- SWITCH ---- PROXIES
|
+ ---- FW
(where each "line" is a segment on the same VLAN as all other "lines").
If you want to ensure that the traffic is flowing through the BIG-IP at all, you can tcpdump on the physical interface (though there is a hard 100 packet-per-second limit, so this will only work when the traffic volume is low):
You will naturally see any broadcast traffic (particularly ARP) and any flooded traffic (from switches that do not have a mac-forwarding entry), but should see unflooded unicast traffic on both 1.1 and 1.2 only if the BIG-IP is switching or forwarding.
Incidentally, what is your configuration for handling the client traffic? I would anticipate that you have a wildcard Virtual Server (0.0.0.0:80) listening on the client-side VLAN associated with a pool containing the proxies. I would further anticipate that it is a Standard Virtual Server and that it has address-translation enabled (by this I mean destination translation rather than source/SNAT translation).
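The comparison of the two interface captures described above can be scripted. This is an added example, not part of the original post: it assumes each capture was saved as text from `tcpdump -e -n` on 1.1 and on 1.2, and the function names, addresses and sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Link-level header and IPv4 endpoints as printed by `tcpdump -e -n`.
FRAME = re.compile(r"([0-9a-f:]{17}) > ([0-9a-f:]{17}), ethertype (\S+) "
                   r"\(0x[0-9a-f]+\), length \d+: (.*)")
IPV4 = re.compile(r"(\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+):")

def unicast_flows(lines):
    """Count unicast IPv4 frames per (src_ip, sport, dst_ip, dport)."""
    flows = Counter()
    for line in lines:
        m = FRAME.search(line)
        if not m:
            continue  # not a line with a link-level header
        dst_mac, etype, rest = m.group(2), m.group(3), m.group(4)
        # Low bit of the first octet set means broadcast or multicast.
        if etype != "IPv4" or int(dst_mac[:2], 16) & 1:
            continue  # skip ARP and anything sent to a group address
        ip = IPV4.match(rest)
        if ip:
            flows[(ip.group(1), int(ip.group(2)), ip.group(3), int(ip.group(4)))] += 1
    return flows

def seen_on_both(cap_1_1, cap_1_2):
    """Flows seen unchanged on both interfaces -> (frames on 1.1, frames on 1.2).

    One stray frame can be a flood from a switch; repeated frames of the same
    flow on both sides are the sign of switching or forwarding. A flow whose
    destination was translated by a Virtual Server has a different destination
    on the server side, so it does not match here.
    """
    a, b = unicast_flows(cap_1_1), unicast_flows(cap_1_2)
    return {f: (a[f], b[f]) for f in a.keys() & b.keys()}

# Constructed sample lines (not real traffic).
HDR = "00:50:56:aa:00:01 > 00:50:56:bb:00:02, ethertype IPv4 (0x0800), length 74: "
ARP = ("10:00:00.000001 00:50:56:aa:00:01 > ff:ff:ff:ff:ff:ff, ethertype ARP "
       "(0x0806), length 60: Request who-has 10.1.1.20 tell 10.1.1.5, length 46")
SYN = "10:00:00.100000 " + HDR + "10.1.1.5.51000 > 10.1.1.20.80: Flags [S], length 0"
ACK = "10:00:00.200000 " + HDR + "10.1.1.5.51000 > 10.1.1.20.80: Flags [.], length 0"
OTHER = "10:00:00.300000 " + HDR + "10.1.1.6.52000 > 10.1.1.30.80: Flags [S], length 0"
CAP_1_1 = [ARP, SYN, ACK, OTHER]   # capture on interface 1.1
CAP_1_2 = [ARP, SYN, ACK]          # capture on interface 1.2

if __name__ == "__main__":
    for flow, counts in seen_on_both(CAP_1_1, CAP_1_2).items():
        print(flow, counts)
```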