Gerald24AltostratusJul 20, 2022Active/Active HA SetupI have a question regarding HA Setup with Active/Active Setup.I want to perform sync in both devices without affecting the configured routes of Both F5. Do you have an idea how could I do it? I'm trying to configure it in an F5 VE AWS environment.
1 ReplyReplies sorted by Most LikedSort ByMost LikedOldestNewestStephanMantheyMVPJul 20, 2022There is a way to put configuration objects (i.e. virtuals, pools,profiles) and file objects (i.e. certs/keys) into folders. You would run your BIG-IPs not in a sync-failover device group, but in a sync-only device group. To create the folder you might follow this example: tmsh create sys folder allsites_synconly \ device-group devgroup_sync-only_all-sites \ traffic-group none tmsh save sys config partitions all Objects like certificates may be imported/assigned to a folder like this: tmsh create sys file ssl-key allsites_synconly/cert_service.bit \ source-path file:/shared/service.bit/service.bit.key tmsh create sys file ssl-cert allsites_synconly/cert_service.bit \ source-path file:/shared/service.bit/service.bit.crt If you prefer using the TMUI, don´t forget to put the folder always in front of your objekt name, i.e.:
StephanMantheyMVPJul 20, 2022There is a way to put configuration objects (i.e. virtuals, pools,profiles) and file objects (i.e. certs/keys) into folders. You would run your BIG-IPs not in a sync-failover device group, but in a sync-only device group. To create the folder you might follow this example: tmsh create sys folder allsites_synconly \ device-group devgroup_sync-only_all-sites \ traffic-group none tmsh save sys config partitions all Objects like certificates may be imported/assigned to a folder like this: tmsh create sys file ssl-key allsites_synconly/cert_service.bit \ source-path file:/shared/service.bit/service.bit.key tmsh create sys file ssl-cert allsites_synconly/cert_service.bit \ source-path file:/shared/service.bit/service.bit.crt If you prefer using the TMUI, don´t forget to put the folder always in front of your objekt name, i.e.:
Recent Discussionsglobal-settings remote-host - what is the use of this setting ?Exchange server extended protection and BigIPWAF for APM Oauth Authorization VSF5 license applicationiRule to Log When Pool Member does not Respond to HTTP Request
Related ContentF5 Active Standby Node ConfigurationRe activate license failedNeed recommendation on Active-Active F5 setupIn an active/standby setup of ASM, with sync only device group, do signature updates sync up?Activate serverssl profile in iRule