F5 Failover

Question

Apologies for what is probably a really basic question but I've just inherited this with minimal handover.  Anyway, here goes:&nbsp;
We have two F5 LTM's in a Sync-Failover pair.  They're load balancing some critical production services.  They are automatically sync'ed
We need to power one (the current primary) down to physically move it in a rack.  Management is very twitchy about risks to live services as there have been a few unplanned outages (not the F5's) in recent weeks.&nbsp;
As far as I can see from the documentation, powering the primary down automatically fails over to the secondary.  What is not clear is if there is any loss of service during the failover.  One document says no another says there might be.  It's also not clear whther it's better to manually fail the service over to the secondary before powring off the primary.&nbsp;
So I have two questions.
1. Should I just power off the primary or manually fail the service over and then power it off?
2. In either case what is the risk of any service outage?&nbsp;
Martin Sharratt
Univeristy of the West of England&nbsp;

r_eastman_13667 · Answer

I would manually set the primary F5 to standby and then verify that the new primary F5 is processing all the traffic. I would then set the former primary F5, the current standby F5 to "Offline". Setting it to offline will tell the new primary to not failover because the standby is "Offline". Turn off the F5, move it, then power it back up. Bring it "Online" and verify that it can communicate with the primary F5.

eric_st__john · Answer

I would fail the appliance over to the standby prior to powering down.  If there is a chance that you have an issue with the standby, you'd rather find that out before powering the primary down.&nbsp;
There are too many variables to say whether there will be any service outages.  If all of your applications are HTTP/HTTPS, you have proper persistence in place, and that persistence is being mirrored if necessary, you shouldn't see a service outage as these are short lived services.  If you have long lived services, such as FTP, that have sessions in flight and session and persistence mirroring are enabled, you shouldn't see a service outage.&nbsp;
If all/most of your applications are HTTP/HTTPS, and you are using cookie persistence, you should be in good shape.&nbsp;
Eric&nbsp;

jgranieri · Answer

Even with persistence any SSL termination on the F5 will result in those sessions being renegotiated.  SSL persistence is not mirrored/persisted as of yet. non-ssl services should be able to failover

Forum Discussion

F5 Failover

3 Replies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

Configuring AWS HA Failover Across AZs Without EIPs Using F5 Cloud Failover Extension (CFE)

F5 Cloud Failover Extension (CFE), private endpoints, and custom DNS

Per-app failover for Kubernetes-based services using F5 Distributed Cloud Services

F5 HTTPS Redirect 2025

F5 Automatic ISP failover Configuration

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS