Forum Discussion

Cirrus

Apr 23, 2020

F5 AWS HA

Hello - We setup F5 HA (LTM & ASM ) in the same AZ in AWS. v14.1 We are using the m5.xlarge instances. We have eth0 - MGMT - eth1 - External - eth2 - Internal. And we setup HA to communica...

Employee

Apr 23, 2020

HA in AWS does not work in the same way as it does with VE or physical devices.

AWS effectively does not have a Layer-2 network, so the HA based on ARP used on layer-2 networks does not work.

In AWS (and other cloud networks) a failover script uses the cloud provider api to shift the IPs from one device to another. However, this can be slow (up to five minutes for IP address failover). Another option is having multiple Active BigIPs with an AWS elastic load-balancer distributing connections.

Take a look at the F5 CloudFormation templates that guide you through building BigIPs in AWS with a templated configuration.

TJ_Vreugdenhil
Cirrus
Apr 24, 2020
Thanks Simon! We are using the CFT below.
https://github.com/F5Networks/f5-aws-cloudformation/tree/master/supported/failover/same-net/via-api/3nic/existing-stack/payg

Couple questions:
1) Is it ok to use the internal NIC for HA/Config Sync as well to save on cost (instead of having a dedicated HA subnet/interface)?
2) What the best way at the moment to get around the 15 VIP ENI allocation per NIC using a deployed template like this?

Thanks!

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

F5 AWS HA

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Changes to DO and AS3 GitHub - no longer monitored

ASM/AWAF declarative policy

Help with SSH Virtual Server

GRE Tunnel Issue

Help with an iRule to disconnect active connections to Pool Members that are "offline"

Related Content

High Availability for F5 NGINX Instance Manager in AWS

Using AWS CloudHSM with F5 BIG-IP

Configuring AWS HA Failover Across AZs Without EIPs Using F5 Cloud Failover Extension (CFE)

F5 Distributed Cloud Bot Defense Protecting AWS CloudFront Distributions

AWS Advanced HA iApp

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS