Solved

F5 Load Balancer - Active/Standy switching role controlling failover

Posted on 2014-04-02
8
644 Views
Last Modified: 2015-01-08
Running 2 F5 load balancers in a Active/Standby role, running version 10.2.1.
Although in a normal failover scenario it works fine but, recently within the data centre they are hosted, there was a power issue and the Active lost power. The standby took control as expected. They use the serial connection to advertise each other. So, the power on the original Active was restored then  lost a few times ,with the switch it was connected also not available. The result being, all connections were being sent to the Active which had no switch to send connections to or receive so causing timeout for traffic.

So, how do I in this scenario stop the "active" device on having power restored stop becoming the ACTIVE load balancer . Actual fail back needing a manual fail back not automated as in a Cisco ASA active/failover scenario.
0
Comment
Question by:ccfcfc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 39973974
You need to change the preferred HA state to none on both F5's.

However you should setup a fail over check that would detect the F5 not having a valid path.  Depending on your setup defining a fail-safe gateway pool should work.
0
 

Author Comment

by:ccfcfc
ID: 39974513
Sounds a good plan but, as soon as you put one of the devices Redundancy State Preference to NONE both devices start to become "active" . So not sure if you have the steps to stop this actvity.  So LB-01 is in Active/Standby and currently set to Active and LB-01 set to Standby. What ever way I change state Preference to "NONE" they start to fight for Active role.
In principle it seems it should work as, if the Active ever fails and control goes to the Standby you dont want the original Active to take control until you do a manual fail back. It seems I cant get them to operate in an active/standby mode when I change the Redundancy State Preference on either box.
If that makes sense.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 39974720
--> Sounds a good plan but, as soon as you put one of the devices Redundancy State Preference to NONE both devices start to become "active"

Then there is a configuration issue someplace.

Do you have Fail Safe VLAN's or Gateways configured?

Have you loaded your config in F5's iHeath?
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 

Author Comment

by:ccfcfc
ID: 40003665
No we do not as we use the serial connector for detecting physicsl failure. Based on geography and the network setup this was seen as the best method opposed to setting up a VLSN to detect for any errors or issues.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 40003700
The serial connection will only help detect a full failure of a F5.  This will not help if you lose a network path between the F5 and another network device.

Do you have two diverse physical (L2) connections from each F5 to different network devices for each logical (L3) network?
0
 

Author Comment

by:ccfcfc
ID: 40061512
No, I was told by F5 direct that whereas you can put diverse conenctions it, this is not a good idea and or possible with a physical 1600. Perhaps this has changed with v11 of the software. I have a single 1 to 1 L2 link between F5 and switch for traffic by L3.
0
 
LVL 57

Accepted Solution

by:
giltjr earned 500 total points
ID: 40061808
You need to use either Fail Safe VLAN's or Gateways or both depending on your setup.
0
 

Author Comment

by:ccfcfc
ID: 40074362
ok I shall look into it
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question