Forum Discussion

GANESH_G_350404's avatar
GANESH_G_350404
Icon for Nimbostratus rankNimbostratus
Jun 06, 2018

ACE to F5 Migration

Hi All,

 

I am first time migrating ACE load balancer (running Multi-context) to F5 LTM LB. So could you please guide me what Pre-migration, Migration, Post-migration checklist or points need to be consider while migration and risk/Impact of it on business.

 

Thanks Ganesh

 

  • We migrated about 450 VIPs from a Cisco ACE to F5 LTM. We used F5 migration tool. If I had to do it again, I would move each VIP one by one. It will take longer, but in the end you'll save yourself a headache.

     

    1. I'd leave the ACE configuration running;

       

    2. Configure one of the VIP on the F5 using a different IP;

       

    3. Ask application owner to edit their host file with the new IP and valid their application;

       

    4. Once validated complete one of the two options

       

      • Change DNS to the new IP (we did a lot of this)
      • Remove the IP from the ACE and give it to the F5 (I had more control if there was an issue doing this way because I didn't have to rely on our security team to undo the DNS change)
    5. Ask the application owner to validate again.

       

    After a while, I'd move about 5 to 10 application a night. And with the more critical application we'd only do that one, for example exchange.

     

  • We migrated about 450 VIPs from a Cisco ACE to F5 LTM. We used F5 migration tool. If I had to do it again, I would move each VIP one by one. It will take longer, but in the end you'll save yourself a headache.

     

    1. I'd leave the ACE configuration running;

       

    2. Configure one of the VIP on the F5 using a different IP;

       

    3. Ask application owner to edit their host file with the new IP and valid their application;

       

    4. Once validated complete one of the two options

       

      • Change DNS to the new IP (we did a lot of this)
      • Remove the IP from the ACE and give it to the F5 (I had more control if there was an issue doing this way because I didn't have to rely on our security team to undo the DNS change)
    5. Ask the application owner to validate again.

       

    After a while, I'd move about 5 to 10 application a night. And with the more critical application we'd only do that one, for example exchange.