Forum Discussion
May 01, 2014
Hi Anthony,
the v11 implementation of active/active is based on traffic groups.
The traffic groups contain failover objects like floating self IPs, VIPs, NATs, SNATs and allow grouping of associated elements.
Since v11.5 the failover mechanism was improved by allowing multiple HA groups to be combined with traffic groups. So active/active becomes more interesting and you have better control than before.
Very often an active/actice deployment will require to apply SNAT. Will it work in your environment? Btw, most times it does from my perspective. Whithout applying SNAT there is a risk to run into asymmetric traffic flow. Yes, there are methods to allow it by running virtuals in FastL4 with "loose init/close" enabled or be disabling VLAN keyed connections. But these "workarounds" are limiting the available features and make your setup less secure.
Regarding latency: I´m not aware of a specification on maximum delay or round trip time between device group members. And I won´t be concerned of heartbeat and config sync. But if you apply traffic mirroring, a high round trip time may limit the mirroring capacity and increase the amount of allocated memory to buffer this traffic. (Mirroring more or less means to duplicate the traffic to the failover peer.)
You are mentioning a combination of LTM and GTM controllers. I always avoided to combine these functions on the same appliances. Make sure to use separate appliances and run your GTMs as standalone units in a GTM sync group. (dicussing this would be a separate thread)
Thanks,
Stephan