Forum Discussion

acorreia's avatar
Icon for Nimbostratus rankNimbostratus
Sep 15, 2023

F5 LTM/APM Disaster Recovery Options?

I wanted to pose a question to everyone to see what they are doing in a similar situation. 

  • We have two HA pairs of LTMs, one for internal apps and one for external facing apps.
  • The pair for external facing applications also has APM holding over 100 SSO configurations.
  • We have another two HA pair in our DR facility riding on a completely different IP schema with nothing configured.

How would you guys handle a DR scenario.  Is there a way I'm not aware of to copy the configurations, certs, irules, etc... with a different IP schema?

2 Replies

  • acorreia Your best bet would probably be to create an SCF and then go and change the IPs to be the appropriate ones before importing the configuration of the SCF. I assume this is because you do not want to configure the DR F5 pair from scratch? The following is how to work with SCFs.

    If it were me and the DR devices really haven't been configured I would update the master key on the DR pair to match what your prod environment uses and then import the configuration using a UCS. Once you have the configuration imported them go and change all the IPs to be what they need to be. Using the UCS will most likely be considerably more work than the SCF because some configuration pieces will require deleting dependencies first before you can change the configuration.

  • I personally built our DR setup into the main cluster so everything synced nicely.
    LTM may be a issue to do that, but APM still might let you sync the config to the DR devices for you. 

    One thing i considered when doing this is how the DR site would be triggered, for me it was fast so i set things up so it was a couple of button clicks rather than a set of work and testing.

    I must admit i'm about to go and look at the scf i might have a use for that somewhere else!