Forum Discussion
GeoIT_32223
Nimbostratus
NimbostratusGTM-WebAccelerator-LTM Design
Ok, so currently we have a HA pair of LTMs with ASM modules that load balance web servers as we are a small hosting company.
We recently just purchased equipment to build out a DR site for our websites and along with that purchased a GTM for each site, and two BIG-IP boxes with EdgeGateway, WebAccelerator, and WAN Optimization to go along with our curent HA pair of LTMs.
Configuring the EdgeGateway and WAN Optimization is pretty straight forward. My main question is concerning the design and integration of the GTM, Web Accelerator and LTM piece.
Seems like every doc out there on WebAccel configuration assumes you are running it on the same box as your LTM. For us this is not the case as our GTM, LTM and WA all are on different BIG-IP devices.
Currently we have a pretty simple design as our Firewall NATing to the VIPs on the LTM and the Pool Members behind that.
When we integrate the WA it looks like we will have to create new VIPs for each Website on the WA Box and then make their pool members the current VIP IPs for the website on the LTMs. I was hoping there was someway around having two VIPs for each site since when we add a new one we will now have to do it in two places. Then as we grow it will get confusing since every website will have like 5 IPs(Wide IP, External IP, WA VIP, LTM VIP, Server Host IP)
Anyone have any insight on this? The only doc I could find that was even close to it was how to integrate multiple stand alone WAs behind a LTM(s).
Thanks
Josh_41258I'm about to deploy an Edge Gateway in front of my existing LTM's as well, and would be interested in this. Can someone please comment?
I'd also be interested in ways to "bypass" the edge gateway and hit the LTM's directly if the edge gateway was to ever fail - we are only deploying one at each site, and not all of our applications utilize GTM for datacenter failover.
Thanks.- Josh_41258Bump. Anyone?
- Chris_Miller
Altostratus
Josh - I'd suggest reaching out to your local F5 Field Systems Engineer to discuss architecture questions like this. 
GeoIT_32223Josh,I talked to my local SE and the way I said above is the way we are going to implement it. There is not an easy way to do it without creating another set of VIPs on the stand alone Edge Gateway.
Since we only have 1 Edge Gateway I am going to Load Balance between the VIPs on the Edge Gateway and VIPs on the LTM so that if the Edge Gateway goes down it will pass traffic directly to the LTM.
If you don't have a firewall capable of that then you can create an inner and an outer VIP on the LTMs and sandwich the WA between them. I think there is a deployment guide out there that will detail this kind of setup.
- JRahm
Admin
won't half your customers miss out on an accelerated experience that way? Why not use global availability and put your Edge Gateway first and your LTM second. - GeoIT_32223Jason,
I should have specified that we are going to load balance, but always prefer the VIPs on the Edge Gateway. If they go down we will load balance over to the VIPs on the LTMs.
As for using the GTM to do the load balancing, we do not own our clients DNS and not all of them will be doing CNAMEs or GLB with us so that wasn't the best option.
