Forum Discussion
NimbostratusI am transferring LB services from ACE to F5 and i have below questions.
I am transferring LB services from ACE to F5 and i have below questions.
===================================================================================================
In ACE we have a vlan configred with a secondary subnet like below:
interface vlan 2644 ip address 10.129.50.34 255.255.255.224 peer ip address 10.129.50.35 255.255.255.224 alias 10.129.50.33 255.255.255.224 ip address 10.129.50.130 255.255.255.192 secondary peer ip address 10.129.50.131 255.255.255.192 secondary alias 10.129.50.129 255.255.255.192 secondary
So can i configure two set of self IP's and tag them with the same vlan ID 2644
First 10.129.50.34/27 is my self IP for primary unit 10.129.50.35/27 is my self IP for Secondary unit 10.129.50.33/27 is the float The above set of self IP's are tagged with vlan2644
10.129.50.130/26 is my self IP for primary unit 10.129.50.131/26 is my self IP for Secondary unit 10.129.50.129/26 is the float This set of self IP's is also tagged with vlan2644
So is such kind of configuration possible on the F5?
===================================================================================================
===================================================================================================
Then i have a pool configured with two nodes in it.
ltm pool pre_holvi_ldap_write { description pre_holvi_ldap_write members { bpredir3_10.129.50.55:ldap { address 10.129.50.55 session monitor-enabled state down } bpredir4_10.129.50.56:any { address 10.129.50.56 session monitor-enabled state down } } monitor tcp_389 partition ilm-int-acc
Below is the ACE config for this pool
serverfarm host pre_holvi_ldap_write failaction purge probe tcp389 rserver bpredir3_10.129.50.55 389 backup-rserver bpredir4_10.129.50.56 inservice rserver bpredir4_10.129.50.56 inservice standby
Now in ACE the config is such that 10.129.50.55 is the primary NODE and 10.129.50.56 is the secondary NODE. And the secondary NODe remains inactive until the primary fails. So how to configure such scenario in F5?
===================================================================================================
===================================================================================================
And how can i achieve the below config using GUI, i see that both http and https is configured in same virtual
ltm virtual pre-holvi {
destination 10.129.50.134:https
ltm virtual pre-holvi {
destination 10.129.50.134:http
pool pre-holvi
profiles {
tcp {}
http {}
} }
===================================================================================================
2 Replies
IheartF5_45022Nacreous
Hi,
- Yes you can have multiple self-ips per VLAN which emulates secondary IP addresses on a Cisco device.
- You need to use the "priority group activation" feature https://devcentral.f5.com/questions/priority-group-activation-why-use-it
- You need one virtual for http, and one for https. Before you create the https virtual you'll need to create SSL certificate/Keys, then a client SSL profile, then you assign the client SSL profile to the https virtual.
Let us know if you need any help but it's all quite straightforward.
yogesh_gaikwad_Thanks for the info...
