Rajaraman_12066
Nimbostratus
NimbostratusSolved
BIG-IP HA over WAN - Is it a recommended practice?
Hi We plan to setup 2* F5 one each in DC1 and DC2. I plan to run HA pair between them. DCs are 6 kms apart and connected by dedicated fibre link. Can someone please advise?
It's not explicitly discouraged as far as I know, you just need to be aware of potential latency issues. Since network failover works by heartbeats sent across the configured failover link, you have to beware that packet loss or excessive delays may trigger unwanted failovers, and even potentially "split-brain" scenarios, where both devices think for brief moments that their peer has gone down, and so assume active role (active-active).
There is a DB key that allows to configure how long the system waits before declaring it's peer dead:
. Default value is 3 seconds, and this assumes devices in the same data centre. You might want to tweak this a little higher to account for the increased distance. With the value set at 3 seconds, it will take 3 seconds to trigger a failover if the peer is truly down. This means at most 3 seconds of no device actively able to handle traffic. Raising this higher increases this window, but also helps mitigate the risk of split-brain due to transient network issues.failover.nettimeoutsec
