Forum Discussion

mjaved_62370's avatar
mjaved_62370
Icon for Nimbostratus rankNimbostratus
Jan 12, 2009

BIGIP LTM Ver 9.4.5 Active/Standby Different Data Centres

Hi There!

 

 

Was wandering to get some advice.

 

We have 2 6400s with Version 9.4.5 running across 2 Data Centres As independant units.

 

 

Data Centre A has got all Servers & Data Centre B has got only a few. Both Dcs are connected to each other via a 2GB Fibre link 40KM apart. Oracle Server traffic mostly hits DC A servers via the existing LTM.

 

 

To add some redundancy, was wandering if we can configure both LTMs in Active/Standby Configuration. Meaning DC A LTM as Active & DC B LTM to be Standby. With link down on failover set to 1 sec.

 

 

Plan to use 2 VLANS. 1 for Connection Mirroring & other one for Failover via the 2GB Fibre link.

 

 

Is this a good way of doing things?

 

 

Comments appreciated Thanks.
config
design

3 Replies

Sort By
  • Hamish's avatar
    Hamish
    Icon for Cirrocumulus rankCirrocumulus
    Jan 13, 2009
    Yes it can be done. I've done data centres up to 15km apart...

     

     

    The things to remember are

     

     

    1. For this distance, the best way would be via GTM. Except you need to have an end-2-end DNS infrastructure before it becomes practical. Some orgs don't still today.

     

     

    Otherwise...

     

     

    2. The front-end VLAN needs to be spanned. Because VS IP's don't change their subnets when failing over from A to B.

     

    3. If the F5's don't have direct access to the back-end server VLAN's you need to do SNAT. Which works fine, except it is always a pain to debug, and some apps just do care about the client IP address.

     

    4. You really want to ensure you have a non-network heartbeat link setup. I usually use either a dark fibre. e.g. a 1Gb LX SFP optical driving a reasonably shorrt fibre. But you're too far apart for that (LX will do about 10km, and the F5's don't support longer distance opticals). So you need something like a pair of switches for the heartbeat with opticals that can do 80km. e.g. 3750E's with DWDM opticals (If you have a DWDM link). Remember the heartbeat carries mirror traffic so a piece of wet string isn't good enough. It needs to have the bandwidth to carry ALL your mirrored traffic. Best bet is to have it the same speed as your front-end VLAN. Then there's no worries about it.

     

     

     

    Apart from that, the distance is nothing.

     

     

    H

     

  • mjaved_62370's avatar
    mjaved_62370
    Icon for Nimbostratus rankNimbostratus
    Jan 14, 2009
    Thanks for the info.

     

    Yes front-end vlan is spanned.

     

    Yes we do use SNAT.

     

    We have 2 6509s in which fibre terminate. From there on heartbeat vlan is spanned between 2 switches. We have made it seperate, only to be used as Heart beat.

     

  • Steve_Scott_873's avatar
    Steve_Scott_873
    Historic F5 Account
    Jan 19, 2009
    Bare in mind if that heartbeat link fails, even for a few seconds you will have a far far bigger mess than you would have had with standalone units.

     

    We had a switchboard failiure on one of the 6509's we were heatbeating over, it reset and recovered about 12 seconds later, but the damage was done, unit 1 and 2 were active and ARP didn't sort itself out, leaving traffic going into A, through the datacentre and back to B, which had no persistance enabled and dropped the traffic.

     

    Mac masqurading might have helped, but we solved the problem with 2 trunked (Etherchannel in the cisco world) cat 6 cables between the units for heartbeat. (Originally the architects wanted only optical between racks to avoid it turning into spagetti junction)

     

     

    Anyway, heatbeating over intermediate equiptment is asking for trouble and should be avoided at all costs!