How To Configure BIG-IP-F5-LTM- HA/Active/Standby Mode

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi all welcome back today i'm going to perform a small video on how to configure active standby in f5 load balancer uh this is my small topology in that i have a two big ipfi uh load balancer so this is a big ip2 and this is big ip1 and i a bigger v1 is already pre-configured with the uh interfaces that is uh i performed the last video on how to configure the vlan so big ip2 is a fresh one i have not yet configured anything and for big iphone and big ip2 is connected on uh interface one e once e1.3 and big ip2 i have configured the management server as uh 190 to 168 to 38.211 so i will show the configuration for being ipv1 what i have configured earlier okay and if you go to the vlans i have created external vlan and milan tan 2030 but i have not configured anything on ha and if you go to the cell phone piece i have for the external self ip and self ip for vlan 10 20 30 and this is all about the ip addresses if you go to the uh interfaces one uh one dot one and one dot two is up and running and any uninitialized was actually link that is uh one dot to this link e1.3 and after that we have created the uh nodes for uh big ip one this is the server one two three and polls for server one and two i have created http and ssh and virtual server for study h3d paint as ssh and h2dps so if you go to the big ip2 i have configured only the management interface 190 to 168 to 38.11 okay if you go to the network in that network i don't have any vlans and i don't have any self id i don't have any interfaces which is configured and local traffic i don't have any nodes on this so we will uh create everything so what we have configured in big efi one okay so first i will go to the big ipf file one and then i will create uh h a vlan okay so i have only external and vlan 10 20 30 before proceeding further first i need to configure this interface which is connected to e1.1 as a switch trunk board so first i will configure that one and switchboard mode let's verify the interface is trunk so i have two interfaces strong configure as evens uh slash zero and even slash one even slash zero is connected to big ip one and e one slash one is connected to big ip2 so save the configuration and go to the big f5 one and create a vlan for etching create hf vlan so you can provide uh no need to provide anything you can mention aj port hl link and it is connected to 1.3 and which is under access port and it click on finish so we got hl vlan and go to the self ip and create a self id for ha h ln cell 5p and ip address is 172 168 1.1 1.1 with the slash 24 subnet mask and select the jv line and allow default click finish so we got external and three vlan and it's a link go to the interface and h that hh interface up and running okay that's it from uh that's it for being ipv1 go to the big ip2 so we need to create from scratch uh the network interfaces vlans so i will create five vlans one for external three for vlan external vlan and one more thing for bigger v2 i have a ip address as gateway for this is 180 to 160 230 dot 101 and we have is 230.150 and similarly for uh big ip2 i have a gateway for 190 to 192.168.10.1.1 and one not 20.101 and 30.101 for all three valen three vlans similarly we will configure here description connected to external external vision and interface is one dot one and that is untangled one added repeat and fill and ten we'll enter an id 10 that is tied one one dot to add it repeat we land 20 tank 20 and 1 slash 2 and 1 and it repeat and that is untangled one and one dot three untight and it finish it if you see here i got external ha that is untangled uh accessport and vlan is 10 20 30 we land go to the self i piece i don't have any self ips 2 big ip2 created one external one external self ip ip address is 190 to 168 230.101 net mask is 24 subnet mask connect select the external vlan tunnel and port unlock is all repeat it and greenland will intensify ip address is 192.168.10.101 and subnet masks slash 24 subnet mask and select the vlan as well and then allow default repeat 20 190 to 160 820 20.101 that mask is 24 vlan 20 select the vlan allow default vlan 30 self ip and 192 160 830.101 and select the v9 tunnel as vlan 30 allow default repeat and keyland address is 170 to 168 1.2 uh slash that mask is 24 subnet mask and select the hiv line allow default click finish so i got the five uh self at this one for external one for h and three four we lack 10 20 30 so go to the interfaces select all three uh all three interfaces are up and running go to the local traffic and we will create the three nodes okay create a three nodes server one and servers one ip addresses 192 168 10.1 i will configure i will use the default configuration repeat server to and my brand brush is 192.168.20.1 and click on repeat and server three server three and that type address is 190 to 168 30 dot one click finish okay i got these three servers let's create the pool or http and i will not configure the health monitor so my load balancing method uh i will select as it is default one and select the new member select the node list and add the 10.1 and select the port http port 80 and click on and select the node 2 that is 20.1 click on add it and select server 3 click on edit and click finish so we got nodes pools and we need to create a virtual server virtual server for sshttp okay description virtual server for fam i will keep a virtual type virtual server type as a standard one source any destination is one hour external vip 192 168 230 230 dot 151 i believe 150 150 150 and service port is http and protocol is tcp and select that http profile as h3dp and come down and select the default pool as http click on finish so everything we have configured here so still now we have not had configure the ha part so for that i will go to the big ipv1 here come to device management and select the devices in this we need to add the like you know we need to add the synchronization so whether we need to specify the ifp address that that is used for synchronize their configuration objects and their other devices so click on the beat ip1 and go to config sync here is a local local address select the which interface needs to synchronize so i will select hl link and update and go to the failover network and we need nothing is added here so click on add so i want to use the ha ha link and click on finish suppose if you want to add one any other new failover you can click on repeat and it will ask for which one interface you want to select like in a management interface or external one so you can i will land it again management one so click on finish it so i got the tool uh failover links and mirroring them click on click on the mirroring one this configuration will be used to mirror the configurations so first one which one you have to select i want h a link used as two mirror to use the mediating the configuration second one i can select um now i don't want to select second one suppose if you want to have and select it update the same thing similarly we will update this one in big ip2 go to devices click on this big ip2 self sync config select the ha one update go to failover network i don't have edit ha one repeat and i will select the management interface finish it go to mirroring the configuration i will use the hl link to mirror the configuration update so we have configured the config sync failover network and mirroring in fm big ipv1 and big ip2 okay now we will configure the device trust uh so it will be used to uh you know we need we can add the peer ibis to trusted so go to the device management and device trust in that device trust members and here i don't have anything so click on add so you can select here device timers pr1 and one is subordinate so i will select the pl one and device ip address i wanted to trust uh i want to make the trust between big rp1 and big ip2 so yeah this is the ip address you need to enter the bigger ip address p or ip address so i will select 192 168 238.11 that is the management ip address so management uh username and password that is admin and provide the password and click on the retrieve device information so you will get to verify the device verify the device certificates and click on the device certificate matches and add a device it's loading [Music] okay the device is added in the big ip2 device details added in the big ipv1 similarly we will do it for a big ip2 and go to the device management device trust device i don't have anything here click on add it the pr ip select the pier and device iq address is 192 168 238.10 that is management type address and ipad the username is admin and provide the password and click on the retrieve device information and device certificate matches click on it and device okay so now it's added here so go to the devices if you see here in big ip2 i got my device we can give one details and as well as self and if you go to the big ip one in this click on the devices we got a big ip one and two so now what we will do is we will create a sync failover device close so we need to when we are performing a failover so the failover has to happen right so we will create a sync failover device groups so go to the device device management and device groups click on that we don't have anything here click create so provide any group so i can provide a single lever sync failover group and you can group type is like a sync only using failover so in this only if you select sync only the only uh device details will be sync if you're selecting failover whenever the device one is unavailable the it will fail over the uh see it will failover as well as sync okay so provide any description you want so i have available is here is two so i will select both of them and add it and same time will be we have a three automatic with incremental sync manual with incremental sync and manual with full sync so i will select go with automatic with full automatic with incremental sync click on that and finish it same thing i will configure the weak ip2 okay go to the device groups and click on create you can provide sync failover group and group type will be sync failover and i will add the both the devices available and click on automatic with incremental sync and click on finish so now we have created a sync failover device group so now we need to sync the devices so first i will go with a big one go to the device management overview here you can see avoiding initial sync so here you can see i'm waiting initial sync click on sync you can see not all devices synced similarly you can go here okay device two is in sync you can see okay link ip1 is also in sync big ip 2 is also in sync so wait for some time so yeah so we can see in sync here here also go to the device management overview and in sync so both are in sync now so we're going to be to become an active device and we can be one is saying standby okay as of now the activity devices uh fight two big ip fi two and standby one is big ipf i1 so now do the test so where the traffic is going so right now i'm in external user machine so i will type http 190 to 160 to 30.150 ip address okay now it's going so if it is going to web server to do so then we have a whatever we have configured its working and we need to configure the connection mirroring for virtual serving virtual server because we need to uh the big happy system can mirror the tcp or any udp connections for which a virtual server so for that we need to configure the connection mirroring for a virtual server go to the virtual server so the local traffic virtual server and http and here you can see here i can find okay click on the basic click on the advanced here you can see okay here you can see connection rate uh limit mode per virtual server and connection mirroring is made the grid performance click on this one enable and select upgrade update okay now we have done the connection mirroring for virtual server so now we need to test the failover everything so go to the device and device devices here we have a two so as of now uh i mean big ip2 as it's showing as a active one so select the cell phone we happy to come down and go to the force offline from for host this device to offline so i'm making down okay so now it becomes now it's sinking forced offline we will see here force so online active now the device big ip one becomes active and we cap e2 is now showing as a forced offline so now we will test the connectivity yeah now it's going big ip one two three so i think our configuration is worked hr configuration is one i think uh we have done with this slime actually configuring the active standby nha for being happy fi load balancers so i hope this video has been informative for you and i would like to say thank you for watching
Info
Channel: MSKTechMate
Views: 830
Rating: 4.8461537 out of 5
Keywords: How To COnfigure BIG-IP-F5-LTM- HA/Active/Standby Mode, BIG-IP-F5-LTM, BIG-IP, F5, LTM, Active/standby, HA
Id: TxLktQJ3TG8
Channel Id: undefined
Length: 24min 28sec (1468 seconds)
Published: Mon Jun 07 2021
Related Videos
Step by Step F5 Virtual Lab Setup HA
LazyAdmin
233
Deploying F5 Big-IP Active / Standby Cluster in Azure using Azure API for failover
TewfikM F5Contributor
512
Updating BIG-IP HA systems with a point release
AskF5
5K
F5 BIG IP AFM | Getting Started with BIG IP Advanced Firewall Manager (AFM)
Palo Alto Training Video's
6.4K
#F5 LTM Interview Questions and Answers Part2# with Live Examples on the Go.
Skilled Inspirational Academy(www.sianets.com)
11K
F5-BIGIP GTM/DNS Lab explained by Ravi SIngh
Ravi Singh
921
F5 3-day Partner Boot Camp - BIG-IP DNS/GTM (v14.1) Lessons 1 and 2
F5 Networks WW Field Enablement - WWFE
8.7K
F5 deployment mode (One Arm, Two Arm and DSR)
Varun Agrawal
3.9K
BIG IP | f5 or load balancer ios upgrade and installation direct 11.5.0 to 14.1.0
Network Hardware Service & Solution
12K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.