Applies To:

Show Versions Show Versions

Manual Chapter: Introducing BIG-IP Device Service Clustering
Manual Chapter
Table of Contents   |   Next Chapter >>

What is BIG-IP device service clustering?

Device service clustering, or DSC™, is an underlying architecture within BIG-IP® Traffic Management Operation System® (TMOS®). DSC provides synchronization and failover of BIG-IP configuration data at user-defined levels of granularity, among multiple BIG-IP devices on a network. More specifically, you can configure a BIG-IP device on a network to:

  • Synchronize some or all of its configuration data among several BIG-IP devices
  • Fail over to one of many available devices
  • Mirror connections to a peer device to prevent interruption in service during failover

If you have two BIG-IP devices only, you can create either an active-standby or an active-active configuration. With more than two devices, you can create a configuration in which multiple devices are active and can fail over to one of many, if necessary.

By setting up DSC, you ensure that BIG-IP configuration objects are synchronized and can fail over at useful levels of granularity to appropriate BIG-IP devices on the network. You also ensure that failover from one device to another, when enabled, occurs seamlessly, with minimal interruption in application delivery.

DSC components

Device service clustering (DSC™) is based on a few key components.

A device is a physical or virtual BIG-IP system, as well as a member of a local trust domain and a device group. Each device member has a set of unique identification properties that the BIG-IP® system generates.
Device groups
A device group is a collection of BIG-IP® devices that trust each other and can synchronize, and sometimes fail over, their BIG-IP configuration data. You can create two types of devices groups: A Sync-Failover device group contains devices that synchronize configuration data and support traffic groups for failover purposes when a device becomes unavailable. A Sync-Only device group contains devices that synchronize configuration data, such as policy data, but do not synchronize failover objects.
Traffic groups
A traffic group is a collection of related configuration objects (such as a virtual IP address and a self IP address) that run on a BIG-IP device and process a particular type of application traffic. When a BIG-IP device becomes unavailable, a traffic group can float to another device in a device group to ensure that application traffic continues to be processed with little to no interruption in service.
Device trust and trust domains
Underlying successful operation of device groups and traffic groups is a feature known as device trust. Device trust establishes trust relationships between BIG-IP devices on the network, through mutual certificate-based authentication. A trust domain is a collection of BIG-IP devices that trust one another and can therefore synchronize and fail over their BIG-IP configuration data, as well as exchange status and failover messages on a regular basis. A local trust domain is a trust domain that includes the local device, that is, the device you are currently logged in to.
Folders and sub folders
Folders and sub-folders are containers for the configuration objects on a BIG-IP device. For every administrative partition on the BIG-IP system, there is a high-level folder. At the highest level of the folder hierarchy is a folder named root. The BIG-IP system uses folders to affect the level of granularity to which it synchronizes configuration data to other devices in the device group.

About configuration synchronization

Configuration synchronization (also known as config sync) is the operation that the BIG-IP® system performs to propagate BIG-IP configuration changes to all devices in a device group. BIG-IP devices that contain the same configuration data can work in tandem to more efficiently process application traffic on the network.

If you want to exclude certain devices from config sync, you simply exclude them from membership in that particular device group.

You can sync some types of data on a global level across all BIG-IP devices, while syncing other data in a more granular way, on an individual application level to a subset of devices. For example, you can set up a large device group to sync resource and policy data (such as iRules® and profiles) among all BIG-IP devices in a data center, while setting up a smaller device group for syncing application-specific data (such as virtual IP addresses) between the specific devices that are delivering those applications.

About failover

Failover within a device group means that multiple devices are available for the BIG-IP® system to choose from to assume traffic processing for an off-line device. When you configure device service clustering (DSC™) within the network, any device in a Sync-Failover device group can fail over a user-specified set of configuration objects to another device in a device group. This set of configuration objects is known as a floating traffic group. DSC failover gives you granular control of configuration objects that you want to include in failover operations.

If you want to exclude certain devices on the network from being peers in failover operations, you simply exclude them from membership in that particular device group.

To simplify the configuration process, the DSC feature includes a pre-configured floating traffic group named traffic-group-1. By default, this traffic group includes all floating IP addresses that you create on the system.

About connection mirroring

You can configure connection mirroring between any two devices in a device group. Connection mirroring ensures that if an active device becomes unavailable for any reason, any in-process connection does not drop; instead, the mirroring peer assumes the processing of that connection, with little to no interruption in service.

Table of Contents   |   Next Chapter >>

Was this resource helpful in solving your issue?

NOTE: Please do not provide personal information.

Additional Comments (optional)