AltostratusHi everyone,
For now, I'm currently not sure if my HA set-up would work fine.
I have 2 DCs for the internal users/employee and each DC1 and DC2 would have a single LTM appliance. Both DCs are linked via 100Mb MPLS.I want to make an HA for my 2 devices. I need your recommendation/suggestions regarding on this HA set-up.
Thank you!
Regards, Justine
CirrostratusHi,
Are all VLAN's available in both DC's via the MPLS network?
I would create a Device Group with both LTM devices for Sync-Failover. Use a seperate VLAN for Config Sync and use failover method 'Network' because the serial option cannot be used if the LTM devices are located in different DC's.
Maybe you can use two Traffic-Groups so users near DC1 are using the VS's active on the LTM in DC1 and users near DC2 are using the VS's active on the LTM in DC2.
But in this simple setup the VLAN's for the VS's and the Pool Members must available in both DC's.
Martijn.
AltostratusHi Martijn,
Thanks for the reply. Since creating traffic-groups for each DC, you meant that the HA mode would be active/active right? What if both DCs pool members have different vlans, would it be possible to pursue HA? Right now,i want to use active/standby mode, users from both DCs could access the resources through LTM1 in DC1, and when there is trouble on LTM1, LTM2 becomes the active and traffic will still continue on LTM2 at DC2.
CirrostratusYes, when creating Traffic-Groups, you can have one Traffic-Group active in DC1 and standby in DC2. The other Traffic-Groep is active in DC2 and standby in DC1. But you just want simple HA.
For HA to work, both BIP-IP appliances need the same configuration in terms of nodes, pool-members, pools and virtual servers. This is the kind of information that is synced in a Sync-Failover setup. Also float-IP's are synced. I am not sure what happens when float-IP is synced to a LTM device on which the VLAN and subnet is not available.
Does not sound like a stable setup.
Martijn.
AltostratusThanks Martijn.Which is better,active/active or active/standby mode? Though F5 recommends to use the active/standby mode. I would like to pursue on active/standby mode. Forgot to inform to you that DC1 is the active and DC2 is just a backup so they have the same resources or DC2 is just a replicate of DC1. Would it be possible that when LTM1 at DC1 goes down and LTM2 becomes the active,then users from DC1 could still access the resources and be load balanced using LTM2 to DC1 resources?
CirrusHi,
Are all VLAN's available in both DC's via the MPLS network?
I would create a Device Group with both LTM devices for Sync-Failover. Use a seperate VLAN for Config Sync and use failover method 'Network' because the serial option cannot be used if the LTM devices are located in different DC's.
Maybe you can use two Traffic-Groups so users near DC1 are using the VS's active on the LTM in DC1 and users near DC2 are using the VS's active on the LTM in DC2.
But in this simple setup the VLAN's for the VS's and the Pool Members must available in both DC's.
Martijn.
AltostratusHi Martijn,
Thanks for the reply. Since creating traffic-groups for each DC, you meant that the HA mode would be active/active right? What if both DCs pool members have different vlans, would it be possible to pursue HA? Right now,i want to use active/standby mode, users from both DCs could access the resources through LTM1 in DC1, and when there is trouble on LTM1, LTM2 becomes the active and traffic will still continue on LTM2 at DC2.
CirrusYes, when creating Traffic-Groups, you can have one Traffic-Group active in DC1 and standby in DC2. The other Traffic-Groep is active in DC2 and standby in DC1. But you just want simple HA.
For HA to work, both BIP-IP appliances need the same configuration in terms of nodes, pool-members, pools and virtual servers. This is the kind of information that is synced in a Sync-Failover setup. Also float-IP's are synced. I am not sure what happens when float-IP is synced to a LTM device on which the VLAN and subnet is not available.
Does not sound like a stable setup.
Martijn.
AltostratusThanks Martijn.Which is better,active/active or active/standby mode? Though F5 recommends to use the active/standby mode. I would like to pursue on active/standby mode. Forgot to inform to you that DC1 is the active and DC2 is just a backup so they have the same resources or DC2 is just a replicate of DC1. Would it be possible that when LTM1 at DC1 goes down and LTM2 becomes the active,then users from DC1 could still access the resources and be load balanced using LTM2 to DC1 resources?
NimbostratusYes, it is possible Justine. If all your HA configuration is correct w.r.t DC1 & DC2 where they can sync, like Martijn suggested traffic-group, vlan for config sync. kindly check below link.
Thank you.
AltostratusThanks! Do you have an idea what is the bearing time for HA health packets? To avoid active/active situation when the mode is A/S.
NimbostratusDoes your question mean, standby become active in what time (sec) when there is failover?
AltostratusYes..does it have a threshold of health packets to be received before the standby becomes active which would result to active/active. Or maybe because of very high latency that the standby would assume that the active is down?
CirrusYes, it is possible Justine. If all your HA configuration is correct w.r.t DC1 & DC2 where they can sync, like Martijn suggested traffic-group, vlan for config sync. kindly check below link.
Thank you.
AltostratusThanks! Do you have an idea what is the bearing time for HA health packets? To avoid active/active situation when the mode is A/S.
CirrusDoes your question mean, standby become active in what time (sec) when there is failover?
AltostratusYes..does it have a threshold of health packets to be received before the standby becomes active which would result to active/active. Or maybe because of very high latency that the standby would assume that the active is down?
AltostratusCould anyone help me regarding on this set-up? Thanks!