I working on a new solution for the client. Client will be connected with two MPLS circuits to primary data center (A), and another two MPLS circuits to stand by data center (B). I would like to failover to B only if it's necessary (big outage in A or maintenance).
There will be layer2 between A and B (for different VLANs, like SQL replication, application, LTM network etc.). All LTM appliances will be virtual.
I have two questions please:
Is there a better way to design it? The most important factor here is that the environment will be highly available (99.97% or more)
Thanks for your input!
The F5 default recommendation is that you should have an HA pair in each DC, and use F5 DNS (GSLB) to shift traffic between data-centers.
You can sync four devices in a device group, but you can't really build two HA pairs in that group - you would move the IP addresses from DC1 to DC2, which may require some really complex dynamic routing changes on failover.
Basically, the design should accept that an entire DC could go dark - no incoming link, no DC-DC link. The standby site should just function independently, get the traffic, and work.
Right, in typical scenario, the traffic will go/might go to both data centers.
In my case, the telco will use BGP to advertise IP addresses of one location only. In case connectivity to primary data center fails, telco will advertise the same IP addresses from second data center. Not sure if GSLB it's a good idea here... Maybe only if they can advertise different subnets from both data centers.
Can I have four devices in one HA group?
In case of ESX/storage issue (in primary data center), the virtual IPs will be advertised from LTMs in second DC, correct? I've planned to use the same server IPs in both data center (at least from load balancer standpoint).
In case the entire DC going dark, it will be much simpler scenario, all traffic will be sent to second DC.
I have a problem how to manage cases of partial impact, for example the virtual environment is down. In this scenario, from telco perspective all works fine in first DC, and all traffic from the client will continue to come to that location, but LBs and all servers will be down...