Multi-Tiered Application Architecture Question

Question

Hello all, I'm studying for the LTM 301a exam and one of the topics is multi-tiered architecture. So I thought I'd come here to the experts who have way more experience than I do, for some advice to help me better understand it. Also, I find it odd that I'm not finding a whole lot on multi-tiered architecture in the F5 documentation. Or maybe I'm just not finding it?

Scenario: Internet based clients connect to a web application hosted behind a Big-IP. I've got a single Big-IP running a Standard VS (VS-HTTP1) load balancing to a pool of web servers (10.10.1.0/24). The web servers will need to connect to a VS running on the Big-IP (VS-DB1) to be load balanced to a pool of MSSQL servers (10.10.2.0/24). NOTE: See attached topology

Questions:

1. Should I use a standard VS for VS-DB1 as I see here in F5 documentation about using the Big-IP as a proxy for MSSQL? Or can I use an Internal VS for VS-DB1 because I'm really only needing the Big-IP to be a load balancer from the web app to the SQL servers and not a full proxy. I'm not sure which would be a better option.

- My thoughts on this are that using an Internal VS may save some resources on the Big-IP since it's not proxy'ing fro the SQL connections.

2. For the connection from the Web servers to the SQL servers I was thinking it would be best to use SA_Persistence, and if I do, then I shouldn't use any address translation because I don't want the source address to be manipulated.

Am I on the right path? Any other suggestions as far as settings or profiles I should consider for this scenario?

Thanks in advance !!!

daniel_wolf · Answer

Hi&nbsp;TrainerBob,
I'd start with a word of caution. Today there are other, more modern and robust, solutions for loadbalancing SQL server. As far as I can remember, the 301a exam is still based on TMOS version 11 or 12. I cannot find the exact version number, seems the information isn't available. Hopefully it is not available, because they update the exam... SCNR&nbsp;😁
Take a look here:&nbsp;https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-6-0/26.html
This is from TMOS 11.6. Which is pretty close to the version the exam was built on.
KRDaniel

trainerbob · Answer

Ah yes, that's the document I linked to in my original post. This is simply a fictitious scenario to help me better understand the multi-tiered setup.
Is it really necessary to use a standard VS as full proxy for comms between internal servers? Or would an Internal VS be better?

daniel_wolf · Answer

Read about the internal vs type here:&nbsp;https://my.f5.com/manage/s/article/K15819It is not what will help you in this scenario.

zamroni777 · Answer

internal virtual server means the client of the vs is the bigip itself.in your case, the webservers are the clients of mysql vs, not bigip.so, that mysql vs is standard vs.

Forum Discussion

Multi-Tiered Application Architecture Question

Recent Discussions

how to whitelist new source IP on F5 web UI access

F5 to read a combined CRL file

Upgrade F5 BIGIP

ISP Load Balancing, SNAT pool instead of Automap link self-ip, anyway to do health check ?

MAC address of deleted VS IP address still responsive

Related Content

Enhance your Application Security using Client-side signals

AS3 referencing objects across applications

iWorkflow 101 (episode #1) - The Architecture Explained [End of Life]

BIGIP OAUTH : Transmit "Application id" to backend server after a successful atuthentication

The Journey to a Cloud Architecture

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS