Forum Discussion

Gerald24's avatar
Icon for Altostratus rankAltostratus
Jul 20, 2022

Active/Active HA Setup

I have a question regarding HA Setup with Active/Active Setup.

I want to perform sync in both devices without affecting the configured routes of Both F5. Do you have an idea how could I do it? I'm trying to configure it in an F5 VE AWS environment. 

1 Reply

  • There is a way to put configuration objects (i.e. virtuals, pools,profiles) and file objects (i.e. certs/keys) into folders.

    You would run your BIG-IPs not in a sync-failover device group, but in a sync-only device group.

    To create the folder you might follow this example:

    tmsh create sys folder allsites_synconly \
    device-group devgroup_sync-only_all-sites \
    traffic-group none
    tmsh save sys config partitions all

    Objects like certificates may be imported/assigned to a folder like this:

    tmsh create sys file ssl-key allsites_synconly/cert_service.bit \
    source-path file:/shared/service.bit/service.bit.key
    tmsh create sys file ssl-cert allsites_synconly/cert_service.bit \ source-path file:/shared/service.bit/service.bit.crt

    If you prefer using the TMUI, don´t forget to put the folder always in front of your objekt name, i.e.: