Manual creation of F5 VE HA in MS Azure
Hi, Appreciate any help with my current issue. We are going to migrate the customer's current PAYG to BYOL. Their setup is one standalone for testing and HA pair for production. I knew creating F5 HA pair in Azure is easy using publicly available templates (e.g., Github), but I don't think using the template will work for us. We need to migrate the PAYG instance to BYOL (meaning utilizing the same interfaces, IP addresses, and configuration) with minimum downtime, so I thought pairing the BYOL instance to the existing PAYG instance would do the job. Question: 1. Is it possible to manually create HA pair in Azure without using the template? If this is possible, do we have guides on how to proceed with the configuration? 2. Is it possible to HA pair one PAYG instance and a BYOL instance since PAYG and BYOL are just licensing methods? I need advice and guidance on this setup. Thank you in advance for your responses.
Can we remove sync-only device group? Is there impact of procedure?
Hi Currently we are using F5 LTM+DNS+APM. And we have 4 unit in DNS sync group.. (2 in DC and 2 in DR) We have sync-failover separatly in each DC but we have same sync-only group for APM sync policy Our issue is, They saw device group of other DC show incorrectly. For example. If you are access to GUI on F5 DC. in Device management menu , You will see Sync-failover device group of 2 DC unit (which is correct) but you will also see Sync-failover device group of 2 DR unit too and it show in Disconnect state. <<<< This is problem. but i think it's expect behavior because F5 DC should disconnect from F5 DR I suspect this is happen because we have sync-only group (which include all 4 device both DC and DR) Question is Can we just remove that Sync-only device group? Is there any interruption of service orimpact of procedure? Or I can't remove it and need to re-create all new HA from scratch both DC and DR? Sync status as below Thank you
External authentication and SYNC group
Hi, We have enabled external authentication with our AAA server on the BigIP V 11.3, it worked fine, but later on we found that we cannot sync the devices in the cluster. any Idea. and can we configure external and local authentication at the same time. RegardsTraffic-Group Behaviour
I have been testing traffic-group on my vLabs and I still do not quite understand the behaviour during failover times. The vLab I am working on has the following configuration: BIGIP_A - Traffic-Group-A BIGIP_A - Traffic-Group-B BIGIP_B - Traffic-Group-C BIGIP_B - Traffic-Group-D This configuration makes both devices become an Active-Active pair, which is fine. I expected that. I have added virtual addresses objects on all traffic-groups for testing purposes and enabled SNAT auto-map as well. The question I have is regarding the failover between them. When I simply unplug the network cable, the traffic-groups are not floating to the other device; however, if I power the device off, the traffic-group floats right away. The only situation, which I managed to make the traffic-group to failover after unplugging the network cable is by enabling the VLAN-Failsafe feature, which then automatically failover the traffic group to the other device. Can someone explain the reason for such behaviour or if it is just he way it supposed to be? Thanks
