Link Controller sync issues
Hi Folks. We tried to configure LC from standalone to HA (Active-Standby). When we run gtm_add the objects of LC was synced. After, when we try to sync from Device Management only LTM objects are synced. Other issue is that the monitors mark down (Links and wideips) on Standby Unit. We followed the next steps ( https://support.f5.com/kb/en-us/products/lc_9_x/manuals/product/lc-implementations-11-6-0/4.html😞 -Build cluster with HA vlan and failover connection. -Sync using HA VLAN. Secondary using MGM. -Network failover using HA VLAN. -Create Sync failover group. -Configure NTP. -Add the floating IPs and Sync. -Configure Port-lockdown allow default. -Enable Golbal traffic Sync. -Run gtm_add tool. -Test to add LC object and is not synced. Only works when run again gtm_add tool Note: For one ISP we have one public IP available (used only for outbound traffic). The self-IP is configured on Active Unit. F5 active ISP 1 .- Self IP and floating IP (Vlan 2) ISP 2.- Self IP and floating IP (Vlan 3) ISP 3.- Self IP and floating IP (Vlan 4) ISP 4.- Self IP ( Vlan 5) (We have 1 public IP) F5 standby ISP 1.- Self IP and floating IP (Vlan 2) ISP 2.- Self IP and floating IP (vlan 3) ISP 3.- Self IP and floating IP (Vlan 4) ISP 4.- No self IP583Views0likes6CommentsLink Controller, dual-homing with two ISP and own ASN and IP blocks
Hello, I've been reading and searching around to find an answer to my question but there is one part that is not clear. We have a data center with our own /21 IP block and ASN. Currently we are connected through an ISP and have a pair of BIG-IP Link controllers in HA connected to a pair of Cisco routers which are then connected to the service provider. Inbound traffic goes through a Firewall before entering the network. It is not possible to provide IP-transit, so BGP is out of the question. We want to have a second ISP as backup link so we can have failover in case the main link goes down. Everything I read around the Internet speak about how to configure the links and how the device manages links and can load balance. I understand the scenarios where we should have two separate VLANs for connections to ISPs, and virtual servers and pools. But the question is, knowing that we have our IP block that should be advertised by the ISP for global routing, how is that managed in case a second ISP enters the game, since they should both advertise the routes towards the data center, what happens if one link goes down? Does this setup require the ISPs to cooperate with us and perhaps stop advertising if one link goes down, thus the setup is no longer transparent to the ISPs? Also, when having both links up and running, with both ISPs advertising, does this mean response packets can come back through the other link? and does the BIG-IP handle that? Or it is not possible to have the entire range advertised by both and we should be splitting the range and have each service presented with two virtual servers, one for each link? I'm confused.560Views0likes1CommentLocal Traffic Adaptive Monitoring
Hi All, Anyone ever try to used adaptive monitoring on F5? As mention on LTM monitor reference document: "A monitor with adaptive response time enabled marks a service as up or down based on the deviation of latency of the monitor probe from the mean latency of a monitor probe for that service. In typical cases, if the monitor detects three consecutive probes that miss the latency value you set, the system marks the pool member or node as down." In my case, I'm going to use this adaptive monitor for monitoring ISP link on F5 Link Controller, run using BIGIP OS 13.1.0.2. I make a monitor object like this: Type: gateway_icmp Interval time: 5 sec Timeout time: 16 sec Transparent: Yes Alias address: 8.8.8.8 Alias port: all ports Adaptive: Enabled Allowed Divergence: Absolute, 5 msec Adaptive Limit: 5 msec Sampling timespan: 60 sec If I do ping test from CLI to 8.8.8.8, then I get the average latency time is 13 msec: [root@CDT:Active:Standalone] config ping 8.8.8.8 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_seq=1 ttl=61 time=13.2 ms 64 bytes from 8.8.8.8: icmp_seq=2 ttl=61 time=13.0 ms 64 bytes from 8.8.8.8: icmp_seq=3 ttl=61 time=13.4 ms I was intentionally set the allowed divergence and time limit to a low number, which is 5 msec, to see how this monitor will marked down the pool member, which in this case is an ISP link. But I never get this pool member to be marked down by this monitor object. Anything wrong on my configuration? Do I need additional configuration to make it work? Thanks anyway..819Views0likes2CommentsGTM Sync or Device Management Sync?
I have an old pair of devices on HA in version 11.6.4, they don't have GTM module, but Link Controller instead. There's an issue that sometimes, suddenly, Wide IPs configuration is changed without any human intervention, and I think that is probably due that I have Device Management Sync in Manual, and also I have Link Controller Configuration Synchronization activated. So, my theory is that maybe I only need to have Device Management Sync configured, and Link Controller Configuration Synchronization needs to be disabled in order to prevent issues with automatic GTM (Link Controller) sync. I'm not sure if Device Management Sync syncronize the bigip_gtm.conf file or this only happens with GTM (Link Controller) sync...535Views0likes1CommentF5 Big-IP Link Controller resolve fqdn to DNS request
Hi, I have a environment licensed with Link Controller and not with GTM, I need to configure the LC with WideIP resolving DNS request, the zone configuration remains on external DNS server, when the DNS Server receive a request to FQDN that configured on the LC, this FQDN is registred on the DNS Server with NS to the two Listerners IPs of the Link Controller, and the LC resolve the DNS request for this FQDN. Is it possible configure this with Link Controller? Thank you239Views0likes0CommentsLink Controller Version 13 or 14
Hello Comunity, My customer have a BIG-IP 2000 with firmware version 12.1.3.3 that have a Link Controller license. Is it posible to upgrade to version 13 or 14 with that type of license? I have heard that Link Controller is a old module, so i am worry about the posiliby of upgrade. Thanks Christian246Views0likes1CommentDNS Flag Day - F5 Link Controller Wide IP question
Hi, If External DNS is being pointed to Link Controller (LC) Inbound Wide IP, does it consider as using GTM? Anything to be worried about? I can see in the KB https://support.f5.com/csp/article/K07808381 - it mentioned as Non-applicable, just to clarify this...368Views0likes1Comment