Forum Discussion
Starting with the last question, yes F5 can do policy-based routing. Basic rulesets can be defined with
Local Traffic Policy
feature. For complex scenarios, you have iRules
which are not that complex to write. Both are available in LTM.
In regards to deployment scenario, you can definitely achieve this. Since you mentioned ASM, just take note that you will have to decrypt SSL/TLS at the firewall or BigIP, otherwise ASM cannot inspect L7 contents.
@ Diagram I'm not sure if everyone will be able to read it the same. Does the Web Server depend on that Database Server service? Or is the Database a standalone service, not related to Web Server underneath Core 1 switch? This one is also unrelated to your questions, but why aren't Core 1 and Core 2 configured as stack of 2 units?.. Or are they?
- ESS-Gamal_35193Feb 17, 2018Nimbostratus
Thank you for your answer yes web server depend on that database server service , also core 1 and core 2 configured as 2 unit not stack , so do you recommend to configured them as stack , and is this change our design ?
- Hannes_Rapp_162Feb 22, 2018Nacreous
Hello, ESS
Yes, I'd definitely configure them as stacked network switches.For your DB physical connectivity, take 1 port from each switch, configure an aggregate LACP link. Do the same for WebApp server(s). If network switches are standalone as on the diagram, you will have less fault tolerance. Upon NS Core1 or Core2 failure, you will lose either DB or WebApp and that's not what you want.