Forum Discussion

Shurik's avatar
Shurik
Icon for Altostratus rankAltostratus
May 19, 2021
Solved

one-arm scenario, external network?

I just installed two virtual big-ip LTM VMs, and I'm ran “Run Config Sync/HA Utility”.

I see I need to configure external network as part of HA utility. I've planned to use one-arm scenario. I'm planning to use SNAT.

 

Is there a need to configure external network?

Could you please let me know what is the best practice in such case?

  • Hi Shurik,

     

    >> Is there a need to configure external network?

    No, there is no need to configure the external network. As long as the HA comms has a vlan to work over, it is happy.

    I suspect you are referring to the "external", "internal" and "ha" vlans that get automatically created when you run through the wizard? Those are provided to help you get all the basics ready, but there is no specific requirement to follow them. In the wizard, you can also skip this section and manually create any vlans you want to use in your environment.

    Once you have then created all your vlans and self IP's, you can configure the ones that HA needs to use via Device Management ›› Devices ›› <select your device>

     

    Saying that, if you have configured them, and don't want to use them, also no problem. If preferred, you can delete them again after the wizard is complete via Network - Vlans.

     

    Best practise is to have a dedicated HA vlan to keep production traffic and HA traffic separate, but even that is not a hard requirement - you can also reuse your internal vlan (or any other vlan) for HA traffic.

     

    Hope this helps.

     

     

2 Replies

  • Hi Shurik,

     

    >> Is there a need to configure external network?

    No, there is no need to configure the external network. As long as the HA comms has a vlan to work over, it is happy.

    I suspect you are referring to the "external", "internal" and "ha" vlans that get automatically created when you run through the wizard? Those are provided to help you get all the basics ready, but there is no specific requirement to follow them. In the wizard, you can also skip this section and manually create any vlans you want to use in your environment.

    Once you have then created all your vlans and self IP's, you can configure the ones that HA needs to use via Device Management ›› Devices ›› <select your device>

     

    Saying that, if you have configured them, and don't want to use them, also no problem. If preferred, you can delete them again after the wizard is complete via Network - Vlans.

     

    Best practise is to have a dedicated HA vlan to keep production traffic and HA traffic separate, but even that is not a hard requirement - you can also reuse your internal vlan (or any other vlan) for HA traffic.

     

    Hope this helps.