Failsafe monitors

Question

The question is very simple, but introduction is a bit long... 
&nbsp;  
&nbsp; Setup: 
&nbsp; 2 LTM v9 (Active-Standby configuration) are cross-connected to 2 FW (Active-Standby configuration) (Juniper, NSRP). Nothing else is there – no switches, just 4 Ethernet cables. 
&nbsp; Each LTM has 2 ports on external VLAN, each LTM port connects to different FW (I.e. no STP is needed) 
&nbsp; Same picture from FW standpoint – each FW has 2 ports on a zone connected to LTMs, each FW port connects to different LTM. 
&nbsp;  
&nbsp; Obviously, the configuration above required failsafe monitoring. 
&nbsp; Namely, if cable disconnected between active LTM and active FW, either LTM or FW needs to perform failover [since neither standby LTM nor FW will forward traffic]. 
&nbsp;  
&nbsp; (A) LTM can monitor external VLAN (and perform ARP request against default gateway) 
&nbsp; (B) FW can monitor LTM floating IP on external VLAN. 
&nbsp;  
&nbsp; Questions: 
&nbsp; How log LTM failover takes? How much it depends on traffic/load and connections mirroring, etc? 
&nbsp;  
&nbsp; 2. Suppose in average I have 3-5 sec on FW failover, and 5-10 sec on LTM failover. 
&nbsp; FW monitor timeout (B) is set to 4 sec. 
&nbsp; On LTM failover (automatic or forced) LTM floating IP might be down long enough to cause FW failover as well.  
&nbsp; And ever worse, when LTM failover has completed, FW might be unavailable, because it is performing failover itself, consequently causing LTM failover again. Not exactly a positive feedback loop, but definitely can throw a system out of equilibrium... 
&nbsp;  
&nbsp; So both monitor timeouts should be chosen carefully. 
&nbsp; I cannot find any references on how to calculate them properly. :-( 
&nbsp; From common sense, at least one of them should be bigger than combined failover time (LTM + FW) plus some small constant to take care of fluctuation. 
&nbsp; Documentation mentions, default timeout for VLAN failsafe monitor is 90 sec, but it seems way too much for me. 
&nbsp; Can anybody share what is the guideline there? 
&nbsp; From another hand, it might be that I build a system in wrong way completely, didn’t I? 
&nbsp; My “weighted” experience with LTMs ~2 hours total. :-) 
&nbsp;  
&nbsp;

dennypayne · Answer

I have several customers using a 1 second gateway failsafe interval with a 5 -6 second timeout and this works well.  I would not recommend going below 5 seconds on the timeout or you might be susceptible to false failures (flapping up and down). 
&nbsp;  
&nbsp; Denny

oleg_68900 · Answer

Danny, 
&nbsp; Thanks for the answer. :-) 
&nbsp;  
&nbsp; &gt;a 1 second gateway failsafe interval with a 5 -6 second timeout 
&nbsp; Just to make sure, I got you right - in my configuration it means I need to setup: 
&nbsp; On LTM side: 
&nbsp; Create custom (Gateway ICMP) monitor Interval = 1 &amp; timeout = 5 | 6 
&nbsp; Create a pool (with 1 IP = LTM default gateway) 
&nbsp; Create failsafe monitor based on the pool with Threshold = 1 &amp; Action = Fail Over. 
&nbsp;  
&nbsp; Side note: Have you ever try using VLAN monitors? How do we set interval there (for ARP requests)? 
&nbsp;  
&nbsp; What are the monitor parameters on router/FW side? 
&nbsp; And what are the average failover timings on both sides? 
&nbsp;  &nbsp;

Forum Discussion

Failsafe monitors

2 Replies

Recent Discussions

Maximum throughput of f5 ltm

Issue on license renewal

iRule cookie persistence and pool redirect

redirect not working

Access azure app service using f5 LTM

Related Content

Interface Failsafe Monitor

LTM: Interface Failsafe

VLAN Failsafe failover settings change on STANDBY device - affect ACTIVE device?

Health monitor question

F5 Distributed Cloud - Regional Edge Health Monitoring Insights