Forum Discussion
What will be happen to live and existing connections when failover HA BIG IP active-standby
Good morning
I have a little question, when we create HA configuration with active-standby mode, with Mac Masquerade configuration. What will be happen to live and existing connections? They will be disrupted when we do failover? or will the network device immediately find the standby device that has the same masquerade mac and floating ip without any timeout process first?
Thank you
- akonuModerator
Zen_Y .
To maintain active connections when a failover occurs, you will need to configure connection mirroring.I found some information that could help answer your questions on our myf5 portal, please click on the links below .
K84303332: Overview of connection and persistence mirroring (13.x - 16.x)
https://my.f5.com/manage/s/article/K84303332
Manual Chapter : Managing Connection Mirroring
https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-device-service-clustering-admin-11-5-0/9.html
On the other hand MAC masquerade optimizes the flow of traffic during failover events
K13502: Configuring MAC masquerade (11.x - 17.x)
https://my.f5.com/manage/s/article/K13502.I hope this helps.
- Zen_YCirrus
Hi akonu
This is interesting, I have read several articles about mirroring connections, but in the implementation in reality, I have not implemented this. Is there any information about the impact of this implementation? such as increasing cpu, memory, network load or even certain bugs that must be avoided on both active and standby devices?
And when we do not implement a mirroring connection, will the existing connection time out before it finds a new active device?
This is dependent on how the application handles a no response. I would say from a TCP perspective, the connection would time out, it would inform the user of the connection loss and you would have to refresh the connection or resend the request.
- akonuModerator
When a failover occurs, all existing connection will be reset because the newly active device is not aware of the existing connections to the previous active device. please find below a knowledge based article that explains this.
K14203: Active connections may experience a long delay following failover
https://my.f5.com/manage/s/article/K14203
Hope this helps
- PeteWhiteEmployee
Mirroring is usually used for protocols where they are tightly bound to the underlying TCP session eg FTP/Telnet. For HTTP it is irrelevant - HTTP will create a new TCP session and the client wont notice the difference
- M_najafikhahAltostratus
Zen_Y
MAC masquerade will use gratuitous ARP. As a first step, you should ensure that your network switches can handle gratuitous ARP. If gratuitous ARP is disabled on your network, you may experience at least 5 minutes of outage.
As others have said, for "existing connections", Connection Mirroring is the solution. - Zen_YCirrus
Thank you all for the discussion, more or less I now understand the flow that occurs on the existing connection when manual failover is performed on BIG-IP, thank you
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com