For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

dragonflymr's avatar
dragonflymr
Icon for Cirrostratus rankCirrostratus
Sep 02, 2015

Routed Network failover

Hi,

 

I am pretty sure it should work but can't find direct confirmation and some real life experiences if it's reliable or should be avoided.

 

Let's say there are two DCs with separate subnets. There are two LTMs, one per DC. Those should work in HA pair, let's say Active-Active. Network failover communication can only be setup using routing. Will it work at all? If so what factors should be analyzed in first place?

 

Piotr

 

application delivery
availability
design
LTM

2 Replies

  • Vitaliy_Savrans's avatar
    Vitaliy_Savrans
    Icon for Nacreous rankNacreous
    Sep 03, 2015

    Hi,

     

    at first you need to analyze latency of the failover network. It sould be under 100ms. Also F5 recommends that you configure network failover to communicate over the management network, in addition to a TMM network.

     

  • arpydays's avatar
    arpydays
    Icon for Nimbostratus rankNimbostratus
    Sep 03, 2015

    Hi, as you have additional infrastructure between the units there is a higher risk of split-brain active/active (same traffic-group going active on both units) and therefore you should consider the connectivity between sites, switch fabric, perimeter firewalls, routing, underlying mpls/optical connections/diversity to understand the availability/SLA of the network connection so that it matches your F5 availability design. Using TMM and mgt will give you diversity locally but if there is a single point of failure somewhere and TMM and mgt follow the same path it'll not be good.

     

    It may be unlikely to have a routed only network between F5s in different DCs if they will present the same applications (VS IPs) at each DC

     

    cheers