Transparent Load Balancing in Azure
Thank you as always. For the sake of others reading the article, I'll share what I did in Azure to get this to work: I set up an Azure LB health probe. In my case, I used an HTTP probe on port 80 requesting "/". Then I made sure that port 80 was allowed in the setting of the SelfIP, and I created 2 VIPs listening on port 80, one for each self IP. Importantly, these VIPs were in traffic-group-local-only, so there is 1 VIP on 1 device, and another on the other. This is explained in K13896. Then I applied a traffic policy to forward all incoming traffic on these VIPs to another VIP, which I configured as 255.255.255.254 and, importantly, this last VIP lives in traffic-group-1. This VIP has an iRule attached that responds with 200 OK to every HTTP request.

The result: Azure sends health checks to both F5 VMs, both receive the health check but only the Active device can forward it to 255.255.255.254, since traffic-group-1 only exists on the Active device. Now Azure believes the Standby device is down and Active is up, and a LB Rule with "floatingIP" enabled in Azure works well and my application VIP has the same IP as the load-balancer front end.

If you're a customer that needs help here, leave a message or reach out, thanks!
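A way to check the setup described in the comment above, as an added example that is not part of the original comment or F5's own tooling: it sends the same request as the probe (HTTP GET "/" on port 80) to each self IP and confirms that exactly one device answers 200. The self IP addresses and the function names are placeholders, and it assumes a host inside the VNet that can reach both self IPs on port 80.

```shell
#!/usr/bin/env bash
# Added example: confirm that only one BIG-IP answers the probe request.
# SELF_IP_A / SELF_IP_B are placeholder addresses (assumption), override via env.
SELF_IP_A="${SELF_IP_A:-192.0.2.11}"
SELF_IP_B="${SELF_IP_B:-192.0.2.12}"

# Print the HTTP status for GET / on port 80; curl prints 000 when it gets no answer.
probe() {
    curl -s -o /dev/null -w '%{http_code}' --max-time 5 "http://$1:80/" || true
}

# Classify a set of probe status codes. Azure LB HTTP probes treat only 200 as healthy.
#   ok      : exactly one device answers 200 (the Active unit)
#   none-up : no device answers 200, so the front end has no healthy backend
#   both-up : both answer 200, so Azure would also send traffic to the Standby unit
classify() {
    local up code
    up=0
    for code in "$@"; do
        if [ "$code" = "200" ]; then
            up=$((up + 1))
        fi
    done
    case "$up" in
        1) echo "ok" ;;
        0) echo "none-up" ;;
        *) echo "both-up" ;;
    esac
}

# Probe both self IPs, print the result, and return non-zero unless the state is ok.
check_pair() {
    local a b state
    a="$(probe "$SELF_IP_A")"
    b="$(probe "$SELF_IP_B")"
    state="$(classify "$a" "$b")"
    echo "$SELF_IP_A=$a $SELF_IP_B=$b state=$state"
    [ "$state" = "ok" ]
}

# Only touch the network when asked to: ./probe_check.sh check
if [ "${1:-}" = "check" ]; then
    check_pair
fi
```

Running it before and after a failover should show the 200 moving from one self IP to the other; a `both-up` result is worth checking against the traffic group of the responder VIP.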