Forum Discussion
Failover for UDP Performance Layer 4 with One (1) Connection
Hello, I am using the F5 to hopefully load balance or serve as an active-passive configuration for my firewall log pipeline. My firewall successfully sends logs via UDP to the F5 and they make their way to the configured pool member and are visible within my log collection environment, so that works.
I tried adding a 2nd server to the pool, but there is no load balancing because there is only one active connection from my firewall. That makes sense.
I figured the next best thing that I could attempt was to configure failover so if one node with the active connection goes offline, then my second node will pick up the traffic. I added both nodes to my pool today and turned off the service on my node with the active connection. The F5 UDP health monitor marked the primary node as offline, but the active connection never failed over to the secondary node. I was expecting the F5 to transfer the connection to the secondary node, and I am a bit confused as so why it did not. As I understand, this is potentially because of the connectionless nature of UDP. However, since the F5 marked the node as offline, I thought it would be able to failover the connection.
Do you know of any way to enable this active-passive configuration with the F5 using UDP protocol, Performance Layer 4, and two nodes in the pool?
Thanks!
- Aswin_mkCumulonimbus
please set persistence as none. Also please confirm active pool member showing as red when you put down the server, then the traffic should forward to secondary, if primary goes down, please create priority group as per above link. then it should be working
- Aswin_mkCumulonimbus
Could you please try and test the priority group activation in pool member
https://my.f5.com/manage/s/article/K13525153
- redadmin1972Altocumulus
I did try that after posting and it still did not failover within 5 minutes. I am still stick on this one.
I did not clear the active connection before testing. Maybe I need to force my virtual server offline, so the connection is removed before I test.
- redadmin1972Altocumulus
Here are some of the settings from the build. Pretty bare bones:
- zamroni777Nacreous
try to change the Source address translation to Automap.
your current setting is None, that means the flow should only work if the f5 acts as ip router.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com