Forum Discussion

Jake_Butler_399's avatar
Jake_Butler_399
Icon for Nimbostratus rankNimbostratus
Feb 08, 2012

Redesigning of the Environment

Our current environment has an Active/Standby Pair, We are going to be upgrading to 11.1.0. However, during this upgrade time we would like to make some drastic changes to the way the F5s function. The biggest changes that need to happen are that we now have the need to build out Partitions & Route Domains.

 

 

Once the Current environment is built out with the prospective Partitions and RDs move the traffic over to the newly provisioned F5 for testing and verification. If the testing competes, upgrade the 10.2.1 system up to 11.1.0. Then do a config sync to Update to the current/new config. If the testing fails just fail the traffic back to the 10.1.0 system and revert the changes 11.1.0 system.

 

 

Can we use the config Sync option to push all the changes?

 

Has anyone done this kind of config swing before?

 

Are there any issues I should plan for?
config
design
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Feb 08, 2012
    partition and route domain are in bigip_base.conf. so, i understand they are not synchronized to peer unit.
  • Hamish's avatar
    Hamish
    Icon for Cirrocumulus rankCirrocumulus
    Feb 08, 2012
    Mm... AFAIHF Migration to route domains can't be done from the gui either (at least with 10.2.1). When you attempt to move a vlan from the default route domain to the new one, you get an error because ip addresses still exist in the separate domain... I never found an easy way to do this automatically (one of the disadvantages of the bigip way of doing this versus something like a cisco VRF).

     

     

    Its a hand edit of both the bigip_base.conf and bigip.conf files to add the required %domainid to all the ip addresses that need to move from one route domain (including the default 0) to another... And then reloading the config. You can do yhis on the standby unit though, so downtime is minimal.

     

     

    The alternative is to delete any ip address moving route domains and recreate them aftwards... I went the hand edit route.
  • Hamish's avatar
    Hamish
    Icon for Cirrocumulus rankCirrocumulus
    Feb 08, 2012
    Oh... I did do this on 10.2.1 a couple of weeks ago... I wouldnt do an upgrade at the same time... The migration and testing afterwards are a bit too involved IMO, especially if someone has issues later... I generally leave at least a week between upgrades and major config changes.

     

     

    H