Forum Discussion

iTbaJz's avatar
iTbaJz
Icon for Nimbostratus rankNimbostratus
Mar 17, 2023

About BIG-IP with trunk configuration enabled LACP

Hello.

English is not my native language, so please bear with my mistakes.

 

We have two BIG-IP 12.1.1 configuring HA Group and two L2SW configuring stacking. (The configuration is like Fig1)

Before last week, each state is as follows.

  • BIG-IP(#1) was Active
  • BIG-IP(#2) was Standby
  • L2SW(#1) was Member
  • L2SW(#2) was Master

Last week, L2SW(#2) lost power, so L2SW(#1) transitioned from Member to Master.

At that time, after BIG-IPs detected link down of Gi 2/0/21 and Gi 2/0/22, BIG-IPs detected link down Gi 1/0/21 and Gi 1/0/22 for 5 seconds.

Does the load balancer configuring HA Group cause the link down when the L2SW transitioned from Member to Master?

 

If you need any specific information, please let me know.

Thanks for the help.

  • iTbaJz This is a 2 part answer. First, the F5 would not mark any interface down without the opposing end transitioning the interface to a different state so you might check the logs on the L2SW. Second, if you have an HA group setup for your F5 trunked interfaces that should cause a failover between F5 units depending on how you have the threshold setup. Ideally in your setup you would want a failover to occur if BIG-IP#1 or BIG-IP#2 has a lower value than the other one to account for 1 L2SW going down in the stack and both BIG-IPs will have 50% of a link up at any given time.

    From a redundancy point of view you are better off having BIG-IP#1 have interfaces only to L2SW#1 and BIG-IP#2 have interfaces only to L2SW#2 and then L2SW#1 and #2 have a trunk down to the next device in the path if it's a single device or if it's another stack or 2 seperate devices an interface to the two different devices to allow path redundancy. This way the BIG-IPs will always have full utilization of the two interfaces in the F5 trunk unless a switch failure or port failure occurs. In either event described the F5 will failover to the other F5 in the redundancy group since it will have degrated performance by having either 1 interface down or both interfaces down rather than both BIG-IPs always having a state of degraded performance if 1 of your L2SWs goes down in the stack. The following are the 3 topologies that would make sense to me that you would have so cabling has been provided for them and what I believe would end up as the best resiliency overall with the best bandwidth for the F5s in the event of a failure of a port or SW. Please disregard that I have the L2SW with the same number, it was too late when I noticed and I had already deleted the topology files and didn't want to go back and correct them.

    • iTbaJz's avatar
      iTbaJz
      Icon for Nimbostratus rankNimbostratus

       

      I've understood "F5 would not mark any interface down without the opposing end transitioning the interface to a different state".
      And as you said, failover between F5 units had occurred last week.
      I'll conduct more research on about L2SW.

      And thanks for the suggestion better redundancy configuration.
      I've learned a lot from you!