Vlan failsafe-Trunks

Question

Does anyone know or have experience with the suggested timeout period for using vlan failsafe?  If I leave it at the default of 90 seconds and the Vlan were to be down on the switch the active unit is cabled to, that is a very long time for it to failover. I turned it down to 10 seconds and did some testing.  I lose 2 packets when I kill a link on the active unit and it fails over to the standby.  It seems to work pretty well but wondering if there is anything I should be aware of.  10 seconds is the lowest timeout period it will allow me to enter.  &nbsp;
&nbsp;One other question, in regards to using trunks, do people commonly use LACP and if so, what is used for the LACP timeout and LACP link selection policy.  I'm going to bond 1.1 and 1.2 links together as a 2 GB link into a Cisco 6509 &nbsp;
&nbsp;Thanks in advance, i'm newer to F5 but am really enjoying this forum and the product. &nbsp;

chris_miller · Answer

Jayson, 
&nbsp;  
&nbsp; I have always reduced the timeout to 10 seconds like you did. I think the default time is as high as it is to avoid a flapping state between the boxes. If you have a network with plenty of broadcasts or servers that will always be up, you can be pretty aggressive. 
&nbsp;  
&nbsp; As far as your trunking question goes, I definitely use LACP and do so using the default settings. Depending on your requirements, Using "Short" instead of "Long" for "LACP Timeout" wouldn't be a bad idea.

jason_l_40779 · Answer

thanks Chris.  I've had the Vlan failsafe option set to 10 seconds for 4 days now and the boxes have not failed over.  You are correct, there is plenty of traffic on our network and I think i'm going to leave it at 10 seconds for the vlans I will be load balancing for. Also,  I did set up a mac masquerade for all my vlans and am very impressed with the fail over.  Most of the time I won't even lose a packet when I have a ping going against a VIP.  The most I have ever lost is one packet.  &nbsp;
&nbsp;Thanks again..&nbsp;

chris_miller · Answer

Posted By jayson on 08/15/2010 06:22 PM
&nbsp;
thanks Chris.  I've had the Vlan failsafe option set to 10 seconds for 4 days now and the boxes have not failed over.  You are correct, there is plenty of traffic on our network and I think i'm going to leave it at 10 seconds for the vlans I will be load balancing for. Also,  I did set up a mac masquerade for all my vlans and am very impressed with the fail over.  Most of the time I won't even lose a packet when I have a ping going against a VIP.  The most I have ever lost is one packet.  &nbsp;
&nbsp;Thanks again..&nbsp;
&nbsp;&nbsp;

Failover times are indeed very good. Depending on your application, you can always enable connection mirroring if losing a bit of traffic is unacceptable. Since everything important in my network is HTTP, TCP takes care of the necessary retransmissions.

Forum Discussion

Vlan failsafe-Trunks

3 Replies

Recent Discussions

Need advise to setup a policy on F5

Web acceleration

What are the different phases in DevOps?

Create a CSR and Key using the BigIP LTM GUI when renewing a certificate

F5 Rseries HA

Related Content

2 internal server vlans

Disable Inter-VLAN Routing?

VLAN Group and Asymmetric Deployment

F5OS API - not able to create vlan

LTM: Per-VLAN Default Gateways