Forum Discussion
Gateway Failsafe and default gateways
Greetings, I am following this article, and it appears the LTM is aware of the fact that the device is in a high-availability configuration.
https://support.f5.com/csp/article/K15367
I modified the pool (per the article), and when tab completing, the options are the device names for the devices in the HA pair. This seems to be how the system differentiates:
modify ltm pool ssh_pool gateway-failsafe-device
Configuration Items:
ltm2.test.net ltm1.test.net
- dragonflymr, Apr 13, 2017, Cirrostratus
Hi,
I can do everything that is described in the article, and it's working. If my gateway pool goes down, failover occurs.
That is not an issue here. I wonder how to define separate default gateways per node using Routes.
If I define a default gateway on one device, after sync it will be propagated to the other, so both will have the same one.
Now if I define a wildcard VS (ForwardingIP) for an internal host, this VS will use the same gateway no matter which node is active.
But my goal is to be able to use a different default gateway depending on which node is Active - assume that each node is connected to the network on the ext side using different subnets. So one is going out VLAN1 -> GW1 -> Internet second VLAN2 -> GW2 -> Internet based just on routing table.
Seems to be impossible - or am I wrong?
I know that I can monitor a separate GW on each device, but those GWs cannot be default gateways because only one entry in Routes defines the DG and it is shared by both nodes.
Piotr
- Kevin_K_51432, Apr 13, 2017, Historic F5 Account
Hi Piotr, I see the issue you are facing with the syncing gateway. Let me have a little time to consider this. I'm thinking of two methods:
1) A pool of gateway members, some gateway members are reachable on one BIG-IP while others are reachable by the other BIG-IP.
Question: Will all of the gateway members be reachable by both LTMs?
2) Route domains allow you to create multiple default gateways. The downside with RD is you can't route between them.
- Kevin_K_51432, Apr 13, 2017, Historic F5 Account
This is an example using route domains based on this description (I believe):
"So one is going out VLAN1 -> GW1 -> Internet second VLAN2 -> GW2 -> Internet based just on routing table."
Two route domains:
net route-domain 0 {
    id 0
    vlans {
        internal
    }
}
net route-domain rd2 {
    id 2
    vlans {
        external
    }
}
Two pools based on the route domains:
ltm pool pool_0 {
    members {
        10.12.23.27:any {
            address 10.12.23.27
            session monitor-enabled
            state up
        }
    }
    monitor gateway_icmp
}
ltm pool pool_2 {
    members {
        10.11.23.27%2:any {
            address 10.11.23.27%2
            session monitor-enabled
            state up
        }
    }
    monitor gateway_icmp
}
Now the route table, showing two default gateways. Any packet to vlan internal will route to pool_1 and any packet in vlan external will go to pool_2:
show net route
----------------------------------------------------------------------------------------
Net::Routes
Name       Destination  Type  NextHop         Origin
----------------------------------------------------------------------------------------
gateway_0  default      pool  /Common/pool_0  static  1500
gateway_2  default%2    pool  /Common/pool_2  static  1500
There are so many options for managing pools and routes, I would like to think this won't be impossible. It may just take a few tries.
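A consistency check for the route-domain layout in the reply above, as an added example that is not part of the original thread or F5's own tooling. It assumes that a pool used as next hop for `default%N` should have all its members in route domain N, as in the posted config; the member stanzas are abbreviated, the `gateway_bad` row is constructed, and all function names are hypothetical.

```python
import re
# Config and route rows in the shape posted in the thread (members abbreviated);
# gateway_bad is a constructed misconfiguration to show what the check reports.
CONFIG = """
net route-domain 0 { id 0 vlans { internal } }
net route-domain rd2 { id 2 vlans { external } }
ltm pool pool_0 { members { 10.12.23.27:any { address 10.12.23.27 } } monitor gateway_icmp }
ltm pool pool_2 { members { 10.11.23.27%2:any { address 10.11.23.27%2 } } monitor gateway_icmp }
"""
ROUTES = """
gateway_0 default pool /Common/pool_0 static 1500
gateway_2 default%2 pool /Common/pool_2 static 1500
gateway_bad default%3 pool /Common/pool_0 static 1500
"""

def rd_of(value):
    """Route-domain ID carried by a '%N' suffix; no suffix means domain 0."""
    m = re.search(r"%(\d+)", value)
    return int(m.group(1)) if m else 0

def route_domain_ids(config):
    return {int(i) for i in re.findall(r"net route-domain \S+\s*\{\s*id (\d+)", config)}

def pool_member_domains(config):
    """Map pool name -> set of route-domain IDs used by its member addresses."""
    pools = {}
    parts = re.split(r"ltm pool (\S+)", config)  # [pre, name1, body1, name2, body2, ...]
    for name, body in zip(parts[1::2], parts[2::2]):
        pools[name] = {rd_of(a) for a in re.findall(r"address (\S+)", body)}
    return pools

def check_routes(routes, config):
    """Return a list of (route_name, problem) for inconsistent pool routes."""
    domains, pools, problems = route_domain_ids(config), pool_member_domains(config), []
    for line in routes.strip().splitlines():
        name, dest, rtype, nexthop = line.split()[:4]
        if rtype != "pool":
            continue
        rd, pool = rd_of(dest), nexthop.rsplit("/", 1)[-1]
        if rd not in domains:
            problems.append((name, f"route domain {rd} is not defined"))
        if pool not in pools:
            problems.append((name, f"pool {pool} is not defined"))
        elif pools[pool] != {rd}:
            problems.append((name, f"pool {pool} members are not all in route domain {rd}"))
    return problems

if __name__ == "__main__":
    print(*check_routes(ROUTES, CONFIG), sep="\n")
```

The two routes from the thread pass; only the constructed `gateway_bad` row is reported, once for the undefined route domain and once for the pool whose members sit in a different domain.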