You configure the BIG-IP® system to handle traffic from an ECMP-enabled upstream router so that you get all-active BIG-IP clustering. Before you can do that, you need to complete some basic tasks for Traffic Management Operating System® (TMOS). These basic tasks include creating VLANs and self IP addresses, and then specifying your NTP servers. Other tasks involve creating a BIG-IP® device group and then syncing a BIG-IP configuration across all devices.
After finishing these tasks, you can configure LTM® to implement ECMP-based all-active clustering, with connection mirroring between BIG-IP devices.
VLANs represent a logical collection of hosts that can share network resources, regardless of their physical location on the network. You create a VLAN to associate physical interfaces with that VLAN. For this implementation, F5 Networks recommends that you create three VLANs on each BIG-IP® device: a VLAN for the external network, a VLAN for the internal network, and a VLAN for high availability communications. Examples of VLAN names are External, Internal, and HA.
Self IP addresses enable the BIG-IP® system, and other devices on the network, to route traffic through the associated VLAN. For this implementation, you perform this task on each BIG-IP device to create a unique static self IP address for each of the three VLANs (external, internal, and high availability). The BIG-IP systems within a device group use these self IP addresses to communicate with one another for config sync, failover, and mirroring. In this task, you replace any sample self IP names or IP addresses with the relevant self IP names or addresses for your network.
For example, you can type 255.255.255.0.
Before you begin this task, verify that:
You use this task to establish trust among devices on one or more network segments. Devices that trust each other make up the local trust domain. A device must be a member of the local trust domain before it can be part of a device group.
By default, the BIG-IP software includes a local trust domain with one member, which is the local device. You can choose any one of the BIG-IP devices slated for a device group and log into that device to add other devices to the local trust domain. For example, devices Bigip_A, Bigip_B, and Bigip_C each initially shows only itself as a member of the local trust domain. To configure the local trust domain to include all three devices, you can just log in to device Bigip_A and add devices Bigip_B and Bigip_C to the local trust domain; there is no need to repeat this process on devices Bigip_B and Bigip_C.
You perform this task to specify IP addresses on the local device that other devices in the device group will use to:
This task establishes failover capability between two or more BIG-IP® devices. If an active device in a Sync-Failover device group becomes unavailable, the configuration objects fail over to another member of the device group and traffic processing is unaffected. You perform this task on any one of the authority devices within the local trust domain.
|Select (Enable)||Select the check box when you want the BIG-IP system to
automatically sync configuration data to device group members whenever a
change occurs. When you enable this setting, the BIG-IP system
automatically syncs, but does not save, the configuration change on each
device (this is the default behavior). To save the updated configuration
on each device, you can log in to each device and, at the
tmsh prompt, type save sys
config. Alternatively, you can change the default
behavior so that the system automatically saves configuration changes on
target devices after an automatic config sync. You make this change by
logging in to one of the devices in the device group and, at the
tmsh prompt, typing modify cm
device-group name save-on-auto-sync
Warning: Enabling the save-on-auto-sync option can unexpectedly impact system performance when the BIG-IP system automatically saves a large configuration change to each device.
|Clear (Disable)||Clear the check box when you want to disable automatic sync. When this setting is disabled, you must manually initiate each config sync operation. F5 Networks® recommends that you perform a config sync whenever configuration data changes on one of the devices in the device group. After you perform a manual config sync, the BIG-IP system automatically saves the configuration change on each device group member.|