Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 

F5 cluster in Azure - why ALB is suggested in fornt?



Recently we are building F5 cluster in Azure. Regular stuff, with VIPs and RServers behind the F5, maybe SSL termination.

Initially we wanted to build it in classic way. Public IP in front + DNS entry (no need for DNS LB), next NAT it to F5 Outside/DMZ IP - nothing fancy.

Yet vids I see in Internet suggst to use Azure LB in front of F5 LB and directing traffic from Azure LB to F5 self IPs, not floating IPs

Could you tell me what is the reason? Azure has some issues with floating IP?


Maybe if some autoscaling is configured so if more F5 BIG-IP VMs are auto created the Azure ALB (Azure Gateway) will auto send traffic to them. Also the Azure ALB also auto scales so it can provide some basic protections from basic DDOS attacks. As I work more with AWS the AWS ALB provided protections from SSL renegociation, TCP SYNC attacks and slowloris.



If you haven't seen this guide I suggest giving it a read, it has some valuable information on the different deployment scenarios available. 


If you are using Active/Standby HA then Azure ALB will be useful in sending traffic to active device based on health check configured in ALB.

In cloudn GARP not possible , so floating IP concept will not shift to active device during failover,

to achive Floating ip scnerio use the F5 AZURE ARM template API based.

i suggest to use the F5 ARM template, which has both options with ALB with API HA setup deployement.

ref the below link for F5 office ARM template.