jmanya_44531
Feb 11, 2016

Sync Only config for HA and standalone BIG IP devices

Hello guys,

 

Please, I'd appreciate it if you could answer this question and provide some advice for a happy deployment.

 

Currently, I have a BIG IP HA (active-standby) pair located in the HQ office and a BIG IP standalone located in a remote secondary data center. All three 4000s boxes are running LTM+GTM+APM with v11.2.1 (I am planning to upgrade to v12 soon). Because I do not have plenty of public IPv4 addresses, I could not deploy data center load balancing in active-active mode by using GTM. I have an active-passive scenario instead. It works as follows: every time there is a disaster in the HQ, the Internet service provider (carrier) switches the internet connection to the secondary DC, so the standalone must take over with the same configuration, IPs, pools and virtual servers as if it were the "HA" pair.

 

Managing this scenario has become a pain because I need to manually configure the daily changes on the standalone in order to keep it at the latest configuration. Therefore, I am thinking of deploying a scenario where the configuration changes could be replicated from the HA pair located in the headquarters to the standalone located in the secondary DC. Currently, I am using a VLAN on the HA boxes just for sync and monitoring. That VLAN is attached to the 1.8 NIC in each box, so there is a cable which bonds them.

 

I have some questions about this scenario:

- Is it possible to Sync Only the devices in my platform, composed of the HA pair and the standalone located 50 miles away from each other?
- If I am able to Sync Only the configuration, do I need to have a dedicated link (low latency, dedicated bandwidth) for the communication between the HA pair and the standalone?
- Is the standalone ever going to pull the configuration from the active device, no matter if there is a failover in the HA pair?
- What kind of configuration files could be synchronized?

 

Thanks in advance for your help.

 

Jorge

 

  • A Sync Only group will synchronize your APM policies as well as any ASM policies, but will not synchronize any of your traffic objects (Virtual Servers, pools, etc.). If you set up a Sync Failover group, it will fail over to the standby just as it would if the device was local. This is likely not what you want.

     

    You could configure the GTM to only use the secondary data center if the primary is offline, which is likely what you want to do. The caveat there is that you will need to have the GTM configured in the secondary data center to pass results to the world when the primary data center goes offline.