Forum Discussion

ASF's avatar
ASF
Icon for Altocumulus rankAltocumulus
Sep 09, 2022
Solved

BIG-IP VE VMWare Cluster HA triggering configuration

Hi,

this is my first step  into BIG-IP VE deployments (always viprion so far).

I have all my test clusters up & running in a VMWare environment: Active/Stanby using dedicated vNIC&VLAN.

4 vNIC per device, 2 cluster members, each one running at different ESXi.

But I would like to ccountercheck which would be the best option to trigger HA. At PHY deployments we deploy HA Group based on trunks. Now this does not work for all cases. 

Would a failsafe condition based on VLAN be the best solution? E.g. with failover to the sdby BIG-IP in case no ARP was received from client_VLAN gateway?

any comment wellcome!

Regards.

 

  • Hi ASF ,

    I think you might need to consider some questions around the failsafe topic, including what your expected failure scenarios might be. For instance, in a virtual environment I'd say the chances of losing the VLAN near to the interface of the VE are low, but something like a missing gateway or an upstream connection might be a greater risk. You should also only configure VLAN failsafe on the vlans that truly matter.

    The other option, gateway failsafe, can monitor one or more upstream gateways, depending on the architecture. https://support.f5.com/csp/article/K75303031

    HA Group builds on gateway failsafe but can work at the traffic group level, should you have a need for that level of control. https://support.f5.com/csp/article/K42542000 

2 Replies

  • Hi ASF ,

    I think you might need to consider some questions around the failsafe topic, including what your expected failure scenarios might be. For instance, in a virtual environment I'd say the chances of losing the VLAN near to the interface of the VE are low, but something like a missing gateway or an upstream connection might be a greater risk. You should also only configure VLAN failsafe on the vlans that truly matter.

    The other option, gateway failsafe, can monitor one or more upstream gateways, depending on the architecture. https://support.f5.com/csp/article/K75303031

    HA Group builds on gateway failsafe but can work at the traffic group level, should you have a need for that level of control. https://support.f5.com/csp/article/K42542000