Forum Discussion
Network topology
Hi,
I have to shape the network to offer business continuity for several webservices and I thought about two options:
1) Using a GTM, but I have too few network interfaces
2) Using an LTM to switch services between two Data Centers (for business continuity); in particular, the pool members will be VIPs from the other LTM (each one situated in a different Data Center), all in the same extended VLAN.
So my questions are:
a) Does a module exist to expand network interfaces on GTM?
b) Has anyone ever used the 2) topology? Could it present problems?
Thank you
14 Replies
- What_Lies_Bene1
Cirrostratus
a) Unless you've spare SFP slots, I don't think so. Can you not use VLAN tagging with existing interfaces?
b) I haven't and you might end up applying LTM features twice and breaking flows. However, why can't the pool members just be the real servers? Priority Group Activation could be used so the servers in the other DC are only used when all the primary servers have gone down.
- luigi_avella_10
Nimbostratus
A) No, I haven't, but I have to go deep into the VLAN tagging feature to evaluate if it could be a solution. Could you link me some docs? I use GTM for internet services too; could it be enough to configure interfaces with the 802.1Q protocol, bringing in the Intranet service VLAN?
B) In my architecture there is only one VLAN extended to publish services; the backends and frontends are specific to each data centre. Extending backend and frontend for three data centers would have been a risk for level 2 loops.
Thank You
Maurizio
- What_Lies_Bene1
Cirrostratus
a) This should help, where tagging is concerned things haven't changed between versions: http://support.f5.com/kb/en-us/prod...ml1012642 - it's pretty standard stuff as you suggest.
b) You don't need to extend VLANs, Pool Members could be 10 hops away, it doesn't matter as long as there is valid IP routing to and from the server and F5.
- luigi_avella_10
Nimbostratus
a) Very interesting, thank you
b) My project manager doesn't want to configure routes on the LTM, perhaps to avoid overloads. I suggested this solution to him some time ago.
A thousand thanks
- What_Lies_Bene1
Cirrostratus
You're welcome. If you get stuck, post back. Cheers
- luigi_avella_10
Nimbostratus
Hi, The solution works great! But I'm asking myself if it is possible to allow pool members on a different network than the F5 self ip to use SNAT
Thank you for your attention
- What_Lies_Bene1
Cirrostratus
Sorry, do you mean, SNATting the client traffic sent to those Pool Members?
- What_Lies_Bene1
Cirrostratus
OK, I get you, I don't see why it wouldn't work with servers on a different subnet as long as they have the relevant route (or the network does) to the F5 and the route back follows back along the same path.
- luigi_avella_10
Nimbostratus
Sorry, I've made a mistake describing the problem. The server in the pool from which the request starts is from another network. In the picture there are both situations: from the same subnet as the self IP (orange arrow) and from another subnet (red arrow). I think the only solution could be using Policy Based Routing on R2 and R1, capturing the specific traffic and forwarding it to the LTM.
- What_Lies_Bene1
Cirrostratus
Why not just use a static NAT on the F5 (that will be routed to the F5) for the destination server and have that N2 server use that. Then do a source NAT so the destination server routes back correctly via the F5?
