Forum Discussion

Mark_Smith_-_NC's avatar
Mark_Smith_-_NC
Icon for Altocumulus rankAltocumulus
Nov 09, 2016

Active-Active traffic groups and network

We're just setting up 2x Big-IP 4000s as a HA pair but would like them to be used Active-Active with Traffic Groups.

 

We have a new vlan (/23 network subnet) which will contain the Virtual Servers and we would like to distribute the VS's across both of the traffic groups.

 

Is this possible or would we need to separate the network and have 2x /24 networks with one then used and distribute the VS's into each traffic group?

 

Thank-you in advance for any advice.

 

Mark

 

  • The answer is yes.

     

    I left this as a comment because... One, I would like to know what is driving an ACTIVE/ACTIVE deployment. I find they are best avoided. If you are building this so that one system can handle the load, I would just deploy ACTIVE/STANDBY. If you are planning on loading the systems past the ability of one, understand the failure scenarios.

     

    Secondly, if you go ACTIVE/ACTIVE I would encourage you to go with two /24s for ease of IP management and possible ease of configuring automated VIP deployment systems in the future.

     

    Best of luck on your deployment!!!

     

  • Thanks for the advice.

     

    The active/active was to make the most use out of the kit and investment we've made although we are aware we'd need to monitor usage to allow for any failures. We've bought 3x Big-IP 4000's (2x for HA pair in our primary data centre running LTM/APM and 1x standalone at our DR site.

     

    Then we have 2x Big-IP 2000's (1x at primary site and DR site and will be running GTM/DNS).

     

  • I have seen many people using active - active combinations. But better to have GTM on top of it in those scenarios else normal DNS would just do round robin and not the actual health check.

     

  • Answering also based in the extra information you provided in the comments. As David said, most of the time an Active/Standby setup is better than an Active/Active setup.

     

    Let me first explain why with 2 units. Either with a Active/Active or Active/Standby you still need 2 units, so the you are not saving money. An Active/Standby is easy to support and upgrade, because you perform the upgrade in the standby unit first, and then the other unit. Troubleshoot is also easier, you know the applications are active in the active unit. On the other hand, an Active/Active setup requires you to do a failover first, this to make sure the unit been upgrade is in standby mode. Also, when troubleshooting you need to check where is the virtual server active (or any other listener).

     

    Next, the same network with Active/Active setup. When using Active/Active setup, each object is either in one traffic group or the other. So, you will need a float Self IP and 2 non-float Self IP per traffic group (so 6 IPs if using a Active/Active setup), and because you are using the same network, I doubt that is going to work well (unless you use route domains, but that adds unnecessary complexity).

     

    An Active/Active setup is recommended when you have 3 or more units, as you can do Active/Active/Standby.

     

    If after reading this you still want a Active/Active setup, this link have more information:

     

    https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos-implementations-11-4-0/3.html

     

  • Mark,

     

    Given your additional design details, I would encourage you even more to avoid ACTIVE/ACTIVE. If your DR has only one unit, and you want HA in your primary, not to mention the points Souza makes below, it would really be in your best interest to go ACTIVE/STANDBY. There truly is NO advantage to it in your case. Only pitfalls, added complexity, and the increased cost of ownership that comes with both.

     

    You wouldn't drag your spare tire behind the car, wearing it out, just to use it.

     

    Would you? :)

     

    Keep it fun!

     

  • Hi all,

     

    Thank-you for your advice and guidance. It's been a big help and we have decided to have an Active/Standby approach.

     

    Mark