Active-Active between two datacenters

Question

We are deploying two BIG-IP LTM 4000 appliances this Friday. One will be at a remote datacenter, the other at my home office datacenter. The DCs are connected via 1 Gbps fiber, and running OTV between the two.&nbsp;
1) The LTM in the RDC will be supporting Exchange 2013 and eventually Lync 2013. &nbsp;
2) The LTM in my home office will be supporting all future load-balancing applications after we remove the ACE4710s; Sharepoint, SAP, etc. &nbsp;
3) Both will be backups for each other if one fails. &nbsp;
My requirements are that the Exchange servers be on a subnet local to the remote DC only, and not put the L3 gateway on the LTMs. All future load-balancing should be scalable. &nbsp;
I'm currently running my BIG-IPs on 11.4.0 HF 6. Can I please get some input as to how I should be designing this?  Please let me know if there's additional configuration/info necessary for input. &nbsp;

what_lies_bene1 · Answer

Not much notice eh ;-)&nbsp;
Firstly, OTV isn't necessary, L2 adjacency is no longer required for network failover (it's UDP unicast).&nbsp;
I'm not sure how you'll achieve your aim where the local servers are concerned, ConfigSync works against you. I assume you want failover to be automatic?&nbsp;
What failover scenarios are you looking at? Priority group activation may be an idea where each pool has the home DC servers set at a higher priority than the remote ones. If the home DC or servers fail, failover occurs and the home DC servers will no longer be available and thus the remote servers will be used. &nbsp;
I don't think that fits the active/active model very well mind.&nbsp;
The ideal would probably be to not run HA, configure each separately and use some other mechanism (GTM, DNS...) to direct traffic between the two. &nbsp;

zuke_149069 · Answer

WLB, thanks for your response. If anything I say doesn't make sense, then it's because I'm 1) brand new to F5/BIG-IP platform and 2) not very smart. &nbsp;
My original implementation thoughts are something like this:&nbsp;
HA and Virtual Server addresses will be in OTV subnets between the two DCs.&nbsp;
Configure SNAT pool for local addresses, with a self/floating IP in that subnet on both F5s.&nbsp;
This would (in my theory) allow the real server IP addresses to remain local, while allowing for failover in the event one F5 was unavailable. Traffic would traverse the fiber link twice per request which obviously isn't ideal, but it would allow for load balancing to continue. &nbsp;
When it comes time to deploy the other services, my plan was to create a second traffic group with the other LTM as the primary, etc. &nbsp;
Does that make sense?&nbsp;

what_lies_bene1 · Answer

It does but it's far from ideal. If you can live with the trombone then carry on as you would for any active/active configuration. &nbsp;

Forum Discussion

Active-Active between two datacenters

3 Replies

Recent Discussions

Transaction looks successful but file not downloading

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Related Content

Active/Active load balancing examples with F5 BIG-IP and Azure load balancer

Azure Active Directory and BIG-IP APM Integration

Re activate license failed

F5 Active Standby Node Configuration

Activate serverssl profile in iRule