Forum Discussion

MFS_324204's avatar
MFS_324204
Icon for Nimbostratus rankNimbostratus
Dec 27, 2017

F5 Link controller ISP migration considerations

Is there any known template or best practices to migrate ISP at LC?

 

Currently customer have 2 ISP, they would like to swap one of the ISP link to another provider

 

Any recommendation to manipulate the settings so that it can be done per phase (less distruption) instead of all-in?

 

They have quite a number of web app hosted (Inbound request)

 

  • Hi, I assume you are using wideip names for the hosted web apps that currently resolve to Virtuals on both ISP links for inbound load balancing. I also assume you are only looking at inbound traffic. Steps below pertain mainly to modifying the wideip members for a wideip name.

     

    My thoughts:

     

    1. Connect the new ISP link to LC so it runs parallel to the existing two links
    2. Create a new Virtual on the new ISP link for a specific hosted web app
    3. For its corresponding wideip name, disable/remove the Virtual (i.e. wideip member) on the to-be-removed ISP link for the specific hosted web app
    4. For the same wideip name, add the new Virtual created on the new ISP link. So now the wideip name can resolve to one of the existing Virtual AND also the new Virtual on the new ISP link (result would depend on lb method used).
    5. Repeat the steps above per wideip name as necessary until all hosted web apps are accounted for on the new ISP link.

    Hope this helps.

     

    • MFS_324204's avatar
      MFS_324204
      Icon for Nimbostratus rankNimbostratus

      Alex, thank you for the idea

       

      Yeah i think this should work, will have to test it later on.

       

  • I have additional query, what would be the best way to segregate this new ISP for Outbound:

     

    -Only user Internet request and some other service use new ISP *proxy *DNS *Outbound email traffic (Exchange)

     

    -Website/Web app outbound request/interaction will be later on, for now use existing 2 ISP

     

    From my reading, iRule might be needed?

     

    • Alex_104543's avatar
      Alex_104543
      Icon for Cirrus rankCirrus

      Hi,

       

      Yes, iRule could be used.

       

      1) Another perhaps simpler option is to use specific wildcard VS(s) that points to the new ISP for the group of users/email/DNS by specifying their "Source Address" in the VS properties. I believe the "Source Address" feature is available in 11.4.x or 11.5.x onwards.

       

      https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-concepts-11-5-1/3.html

       

      About source addresses - When configuring a virtual sever, you can specify an IP address or network from which the virtual server will accept traffic. For this setting to function properly, you must specify a value other than 0.0.0.0/0 or ::/0 (that is, any/0, any6/0). To maximize utility of this setting, specify the most specific address prefixes spanning all customer addresses and no others.

       

      2) Website/Web app outbound request/interaction can continue to use existing wildcard VS(s) pointing to the existing two ISPs.