Forum Discussion
AltocumulusWant to understand BigIP F5 LB Active/Active setup
I am exploring HA setups of F5 Load Balancer. I have question on F5 Active/Active HA setup.
What will be uses cases of having both F5 LB in Active/Active mode?
How traffic can be distributed between both nodes?
F5 can be set up in two ways: Active/Active and Active/Standby. An Active/Active setup has some cool benefits, like better high availability, improved scalability, and better resource use. In this setup, both load balancers are busy handling traffic, so if one fails, the other can keep going without much trouble. This is especially helpful for apps that get a lot of traffic, because it spreads the load out so no single device gets overwhelmed. It also helps spread traffic to the closest data center, which means users get faster response times. By using both devices, you make sure they both help out, instead of just one sitting idle.
But there are also some things to keep in mind about an Active/Active F5 LB setup. First, it can be a bit tricky to set up and keep running. You have to make sure traffic is evenly distributed and that both devices are in sync. Troubleshooting can also be a bit harder, since problems can come from the two active devices working together. There’s also a chance that the network can get too busy, which could slow things down if you don’t manage it well. And lastly, it’ll cost more because you need two devices that can handle a lot of traffic, which means you’ll need more powerful and expensive hardware.
For your other query to AswinYou’ve got the right idea about traffic-groups in an F5 Active/Active setup. Traffic-groups are like traffic managers that help you distribute traffic in this configuration. Each traffic-group can be linked to a specific set of virtual servers, and you can assign these groups to different devices in the cluster. This way, you can decide that traffic ‘A’ should go through F5-1 and traffic ‘B’ should go through F5-2, based on how these virtual servers and their traffic-groups are set up. By carefully configuring traffic-groups, you can make sure that the workloads are balanced just the way you want them. This setup is all about optimizing resource usage, making sure there’s redundancy, and keeping things super high-available.
Now, in a general Active/Standby setup, you usually make changes on the Active device, and those changes automatically get copied to the Standby unit. But in an Active/Active setup with F5 devices, things are a bit more complicated because both devices are handling traffic at the same time. So, when you make changes in an Active/Active setup, you need to be extra careful to make sure they’re consistent on both devices. F5 has a cool feature called Device Service Clustering (DSC) that helps you do just that. When you make a change on one device, DSC makes sure that the changes are copied to the other devices in the cluster, keeping everything in sync and consistent. It’s important to plan and manage these changes carefully to avoid any problems and make sure everything runs smoothly across your Active/Active setup.
NetworkFreelancerThank you all. It feels great to see mates coming front to help and solve other's questions.
I joined the community just a week back and I have asked two questions till now. Both the questions were solved by fellow community members. I really appreciate their time and help here.
I am happy to be part of the community.
f51Cumulonimbus
F5 can be set up in two ways: Active/Active and Active/Standby. An Active/Active setup has some cool benefits, like better high availability, improved scalability, and better resource use. In this setup, both load balancers are busy handling traffic, so if one fails, the other can keep going without much trouble. This is especially helpful for apps that get a lot of traffic, because it spreads the load out so no single device gets overwhelmed. It also helps spread traffic to the closest data center, which means users get faster response times. By using both devices, you make sure they both help out, instead of just one sitting idle.
But there are also some things to keep in mind about an Active/Active F5 LB setup. First, it can be a bit tricky to set up and keep running. You have to make sure traffic is evenly distributed and that both devices are in sync. Troubleshooting can also be a bit harder, since problems can come from the two active devices working together. There’s also a chance that the network can get too busy, which could slow things down if you don’t manage it well. And lastly, it’ll cost more because you need two devices that can handle a lot of traffic, which means you’ll need more powerful and expensive hardware.
For your other query to AswinYou’ve got the right idea about traffic-groups in an F5 Active/Active setup. Traffic-groups are like traffic managers that help you distribute traffic in this configuration. Each traffic-group can be linked to a specific set of virtual servers, and you can assign these groups to different devices in the cluster. This way, you can decide that traffic ‘A’ should go through F5-1 and traffic ‘B’ should go through F5-2, based on how these virtual servers and their traffic-groups are set up. By carefully configuring traffic-groups, you can make sure that the workloads are balanced just the way you want them. This setup is all about optimizing resource usage, making sure there’s redundancy, and keeping things super high-available.
Now, in a general Active/Standby setup, you usually make changes on the Active device, and those changes automatically get copied to the Standby unit. But in an Active/Active setup with F5 devices, things are a bit more complicated because both devices are handling traffic at the same time. So, when you make changes in an Active/Active setup, you need to be extra careful to make sure they’re consistent on both devices. F5 has a cool feature called Device Service Clustering (DSC) that helps you do just that. When you make a change on one device, DSC makes sure that the changes are copied to the other devices in the cluster, keeping everything in sync and consistent. It’s important to plan and manage these changes carefully to avoid any problems and make sure everything runs smoothly across your Active/Active setup.
- NetworkFreelancer
Hi F51, thank you so much for detailed explanation.
It clears almost all my queries. As you suggested, I will explore DSC options.
- NetworkFreelancer
Thank you Aswin. Appreciate your detailed explanation.
I have follow up query - How will we define traffic distribution? I mean how will we make sure that traffic "A" should go via F5-1 and traffic "B" should go via F5-2. Is it based on the traffic-groups? I was going through some F5 reference tech pages and I came across traffic-groups term. Based on my understanding, traffic-groups will be responsible for distributing traffic based on our needs. Please confirm if my understanding is correct.
Also in general any Active/Standby setup, we make configuration changes on Active device only and those changes will be match to Standby unit. I never worked in production on BigIP F5 devices yet, exploring it in the LAB. But Here, I am talking about any general HA setup, e.g. firewalls. Now, in case of BigIP F5 Active/Active setup, where should we make the configurational changes? And how sync will be done? Sorry, I might be asking multiple questions, but these thoughts are coming in my mind so trying to understand the case.
Thank you again. Looking forward to get answers to my follow up queries from you or anyone on the community.
- Aswin_mk
MVP
I hope the link will help you to setup ACTIVE/ACTIVE - Creating an Active-Active Configuration Using the Setup Utility
In an F5 active/active setup, traffic distribution is defined by creating multiple "traffic groups" where each group contains a set of virtual servers and associated IP addresses, and each F5 device in the cluster actively handles traffic for a specific traffic group, essentially allowing both devices to simultaneously distribute traffic across the application servers, with failover capabilities if one device becomes unavailable; this is achieved through configuration settings like "preferred device order" within the traffic group, ensuring seamless transition of traffic to the other active device.
BR
Aswin- NetworkFreelancer
Thank you Aswin. This is helpful to me.
- Aswin_mk
Hello,
While Active/Active HA setups are less common than Active/Standby, they can be useful in specific scenarios, including
- In an Active/Standby setup, one device sits idle until a failover occurs. In Active/Active, both devices share the load, improving resource efficiency.
- If different business units or applications are using the same F5 appliances, you can assign different applications or route domains to each active unit.
- When handling high traffic volumes, distributing traffic across both appliances helps scale better without leaving one device underutilized.
- If both F5 appliances are in different locations but need to be active simultaneously, Active/Active can be used with GTM (DNS-based load balancing)
Challenges
- If session persistence (e.g., source IP, cookie) is required, ensure both units share session persistence using Connection Mirroring.
- Active/Active setups require stateful synchronization of connections, which can increase CPU and memory usage.
- If one node fails, the surviving node must handle all traffic, requiring proper capacity planning.
BR
Aswin
