Forum Discussion
AltostratusLTM HA between separate site
CirrostratusHi,
Are all VLAN's available in both DC's via the MPLS network?
I would create a Device Group with both LTM devices for Sync-Failover. Use a seperate VLAN for Config Sync and use failover method 'Network' because the serial option cannot be used if the LTM devices are located in different DC's.
Maybe you can use two Traffic-Groups so users near DC1 are using the VS's active on the LTM in DC1 and users near DC2 are using the VS's active on the LTM in DC2.
But in this simple setup the VLAN's for the VS's and the Pool Members must available in both DC's.
Martijn.
- Justine_313324
Hi Martijn,
Thanks for the reply. Since creating traffic-groups for each DC, you meant that the HA mode would be active/active right? What if both DCs pool members have different vlans, would it be possible to pursue HA? Right now,i want to use active/standby mode, users from both DCs could access the resources through LTM1 in DC1, and when there is trouble on LTM1, LTM2 becomes the active and traffic will still continue on LTM2 at DC2.
- Martijn_144688
Yes, when creating Traffic-Groups, you can have one Traffic-Group active in DC1 and standby in DC2. The other Traffic-Groep is active in DC2 and standby in DC1. But you just want simple HA.
For HA to work, both BIP-IP appliances need the same configuration in terms of nodes, pool-members, pools and virtual servers. This is the kind of information that is synced in a Sync-Failover setup. Also float-IP's are synced. I am not sure what happens when float-IP is synced to a LTM device on which the VLAN and subnet is not available.
Does not sound like a stable setup.
Martijn.
- Justine_313324
Thanks Martijn.Which is better,active/active or active/standby mode? Though F5 recommends to use the active/standby mode. I would like to pursue on active/standby mode. Forgot to inform to you that DC1 is the active and DC2 is just a backup so they have the same resources or DC2 is just a replicate of DC1. Would it be possible that when LTM1 at DC1 goes down and LTM2 becomes the active,then users from DC1 could still access the resources and be load balanced using LTM2 to DC1 resources?
- Martijn_144688
Justine,
If you are just starting with BIG-IP in a cluster setup, Active/Standby is the easy one. It is also easy to troubleshoot because all traffic goes through one device.
Without knowing the detailed layout of your network, it is possible to access resources in DC1 via the LTM in DC2. But those resources must be reachable for both LTM devices. So all VLAN's must be available in both DC's. Keep in mind all user traffic is passing the MPLS network twice. From client in DC1 to LTM in DC2 and from LTM in DC2 to server DC1.
Have you even considered to use BIG-IP DNS for Data Center loadbalancing?
Install a BIG-IP DNS in both DC's. These BIG-IP DNS appliances can monitor the LTM devices in both DC's via the iQuery protocol. So both DNS devices are aware of the status of LTM devices, VS's and Pools. If the LTM device in DC1 goes down, the DNS device in DC1 will advertise the IP-address of an applianction from DC2. This way you have HA on another level and it is not needed for both DC's to have the same VLAN's and subnets. And no unecessary traffic over the MPLS network.
As you can see, you can build almost every possible HA setup with F5 BIG-IP. The question is: how far do you need to go.
Regards, Martijn.
- Justine_313324
Thanks for the answer Martijn. I think I will proceed to A/S mode. If you have an idea, is 100Mb MPLS is enough speed for the LTM devices to communicate with each other for monitoring on each health?though I read a post that the bearing is 100ms. Yes, we will be using BIG-IP DNS/LTM in one appliance each on our DMZ1 and DMZ2. Big-ip DNS is for our customers/clients access only.
