F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Krodriç's avatar
Krodriç
Icon for Nimbostratus rankNimbostratus
Feb 10, 2025

Configuration Synchronization across BIG IPs

Hello Everyone, I'd like to share a situation and would love to receive some suggestions.    I do have a big ip env where I want to replicate the configuration of a Active-Standby cluster into anot...
bigip
device group
sync-only
synchronisation
Synchronization
F5_Design_Engineer's avatar
F5_Design_Engineer
Icon for MVP rankMVP
Feb 12, 2025

Hi krodric,

To replicate the configuration of an Active-Standby cluster (BIG-IP-A and BIG-IP-B) to another standalone BIG-IP instance (BIG-IP-C), creating a Sync-Only device group and specifying manual synchronization is a good approach. Here are the steps and considerations to ensure this setup works effectively:

Steps to Configure Sync-Only Device Group

  1. Create a Sync-Only Device Group:
    • Purpose: This group will synchronize configuration data without affecting traffic failover.
    • Steps:
    1. Log in to the F5 Configuration utility.
    2. Navigate to: Device Management -> Device Groups.
    3. Create a new device group:
      • Name: Provide a name for the device group.
      • Type: Select "Sync-Only".
      • Members: Add BIG-IP-A, BIG-IP-B, and BIG-IP-C as members.
    4. Set Sync Type: Choose "Manual" to control when synchronization occurs.
  2. Initiate Manual Synchronization:
    • Steps:
    1. Log in to the F5 Configuration utility.
    2. Navigate to: Device Management -> Overview.
    3. Select the Sync-Only device group.
    4. Initiate Sync: Click "Sync" to manually synchronize the configuration.

Considerations and Best Practices

  1. Configuration Consistency:
    • Ensure all devices are running the same version of the BIG-IP system software to avoid compatibility issues[1].
  2. Regular Backups:
    • Regularly create UCS backups of your configurations to ensure you can restore them if needed.
  3. Monitoring and Alerts:
    • Set up monitoring and alerts to notify you of any synchronization issues or configuration changes.
  4. Testing:
    • Periodically test the synchronization process to ensure it works as expected and that BIG-IP-C has the correct configuration.
  5. Documentation:
    • Document the synchronization process and any specific configurations to ensure consistency and ease of troubleshooting.

Example Commands

Creating a Sync-Only Device Group

tmsh create cm device-group SyncOnlyGroup type sync-only devices add { BIG-IP-A BIG-IP-B BIG-IP-C }

Initiating Manual Synchronization

tmsh run cm config-sync to-group SyncOnlyGroup

Limitations of Sync-Only Device Groups

  1. No Failover Support:
    • Description: Sync-Only device groups do not support failover. This means that while configuration data is synchronized between devices, there is no automatic failover of traffic if one device becomes unavailable.
    • Impact: You need to manually manage failover scenarios, which can increase downtime and require more administrative effort.
  2. Maximum Number of Devices:
    • Description: A Sync-Only device group supports a maximum of 32 devices.
    • Impact: If you have a large deployment with more than 32 devices, you will need to create multiple Sync-Only device groups, which can complicate management.
  3. Manual Synchronization:
    • Description: Synchronization in Sync-Only device groups is typically manual, meaning you need to initiate the sync process yourself.
    • Impact: This requires regular administrative intervention to ensure configurations are up-to-date across all devices.
  4. Configuration Consistency:
    • Description: All devices in the Sync-Only device group must run the same version of the BIG-IP software.
    • Impact: Ensuring software version consistency across all devices can be challenging, especially in large environments.
  5. No Traffic Group Synchronization:
    • Description: Sync-Only device groups do not synchronize traffic groups. The same has been told by CA_VALLI in his post above.
    • Impact: You need to manually manage traffic groups and ensure they are correctly configured on each device.

Best Practices

  1. Regular Backups:
    • Regularly create UCS backups to ensure you can restore configurations if needed.
  2. Monitoring and Alerts:
    • Set up monitoring and alerts to notify you of any synchronization issues or configuration changes.
  3. Testing:
    • Periodically test the synchronization process to ensure it works as expected and that configurations are correctly applied.
  4. Documentation:
    • Document the synchronization process and any specific configurations to ensure consistency and ease of troubleshooting.

By understanding these limitations and implementing best practices, you can effectively manage and synchronize configurations using Sync-Only device groups on F5 BIG-IP.

Additional Resources

  • F5 Documentation: Refer to the F5 documentation for detailed steps on managing configuration synchronization[1][2].
  • Community Forums: Engage with the F5 community for additional insights and best practices[3].

By following these steps and considerations, you can effectively replicate the configuration of your Active-Standby cluster to the standalone BIG-IP instance. 

[1]: Managing Configuration Synchronization - F5, Inc. [2]: Working with Device Groups - F5, Inc. [3]: Configuration Synchronization across BIG IPs | DevCentral


References

[1] Managing Configuration Synchronization - F5, Inc.

[2] Working with Device Groups - F5, Inc.

[3] Configuration Synchronization across BIG IPs | DevCentral

Kindly rate

HTH

F5 Design Engineer