Forum Discussion

sonu_kumar4's avatar
sonu_kumar4
Icon for Altostratus rankAltostratus
May 28, 2018

HA setup and Traffic-groups

Hello Guys,

 

I need your views on some of my concern so let's begin , We have one LTM name LTM-1 5250v with two VCMP guests , Guest 1 & Guest 2 since it's in production as standalone device we have procured new same hardware (5250v) LTM name LTM-2 and create same VCMP Guests . Guest 1 and Guest 2 . Now I have to bring them in HA pair like Active/Standby so here I have concerns. 1- Can I make Guest 1 active on LTM-1 and Guest2 Active on LTM-2 and they both standby of each other respectively ? If it's possible then how ? 2- What is the Traffic-Group (traffic-group-local-only & traffic-group-1 ) and how they are related with HA setup ? 3- What is device group and how they are related with HA setup ? 4- In my current configuration if I go to the self IPs tab then I see two IPs associated with same VLAN (VLAN-100)like DMZ :- One IP like 10.1.1.2 (Self -IP Traffic-group "traffic-group-local-only" ) second IP like 10.1.1.1 (Flot-ip Traffic-group "traffic-group-1") so here which IP I need to point on firewall/router as gateway ? and second thing when I start config/HA utility then it ask me for Floating IP for this particular VLAN (VLAN-100) then shall I type any new IP from this VLAN-100 or use the existing floating IP (10.1.1.1) which is in traffic-group 1 ?

 

Please provide me your valuable inputs on this to being my HA setup active.

 

Thanks in advance .

 

1 Reply

  • it's a bit disconcerting to call an Hypervisor LTM (LTM is a module). So to sum up: you have 1 hypervisor (5250v) with 2 Guest standalone hosted in this hypervisor. you acquired a new hypervisor.

     

    VCM Guest - Hyperviseur 1 - Guest-A-1 (standalone) - Guest-B-1 (standalone)

     

    1- Can I make Guest 1 active on LTM-1 and Guest2 Active on LTM-2 and they both standby of each other respectively ?

     

    Yes you can, you can manage easly how is active or standby by switching failover... it's not a setting but you can stick how is active or standby manually.

     

    VCM Guest - Hyperviseur 1 - Guest-A-1 (Activ) - Guest-B-2 (standby)

     

    VCM Guest - Hyperviseur 2 - Guest-A-2 (standby) - Guest-B-1 (Activ)

     

    2- What is the Traffic-Group (traffic-group-local-only & traffic-group-1 ) and how they are related with HA setup ?

     

    Every object you have should belong to a traffic group, either local, or a specific traffic group. If you for instance, have Virtual IPs that belong to traffic-group none, an IP address conflict is likely to occur as the devices in a HA cluster might fight for control over that IP address.

     

    • traffic-group-local-only (non-floating) is non-floating and not synchronized in device-group.
    • traffic-group-1 is all your VS IP, floating IP... and all this object will be synchronized. for example if a faillover occur all object in traffic-group-1 will send a gratuitous IP and will be functionnal in other Equipement....

    3- What is device group and how they are related with HA setup ? 4- In my current configuration if I go to the self IPs tab then I see two IPs associated with same VLAN (VLAN-100)like DMZ :- One IP like 10.1.1.2 (Self -IP Traffic-group "traffic-group-local-only" ) second IP like 10.1.1.1 (Flot-ip Traffic-group "traffic-group-1") so here which IP I need to point on firewall/router as gateway ? and second thing when I start config/HA utility then it ask me for Floating IP for this particular VLAN (VLAN-100) then shall I type any new IP from this VLAN-100 or use the existing floating IP (10.1.1.1) which is in traffic-group 1 ?

     

    A evice group contains devices that synchronize configuration data and support traffic groups for failover purposes when a device becomes unavailable. A maximum of eight devices is supported in a Sync-Failover device group. https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos-redundant-systems-config-11-2-0/5.html

     

    I advise you to create a specific VLAN for HA part (for this topic: sync, mirroring and failover).

     

    tell me if it's clear for you and please can you clarify the other asked...

     

    Regards