Latest Posts

F5 BigIP LTM v11.5.3 Virtual Appliance HA Configuration - Part 2

This post is second part for configuring F5 BigIP LTM v11.5.3  High Availability. You can find other related posts in this blog:
1. Topology:

Logical Topology:





Four Networks:
  • Management Network - Network Adapter 1 in F5 VE - 192.168.2.26/24 and 192.168.2.27/24
  • Internal Network - Network Adapter 2 in F5 VE - 10.1.1.1/24 and 10.1.1.2/24
  • External Network - Network Adapter 3 in F5 VE - 172.17.3.1/24 and 172.17.3.2/24
  • HA Network - Network Adapter 4 in F5 VE - 192.168.1.1/24 and 192.168.1.2/24

Networking Configuration in my Virtual Lab Environment:



2. Mgmt Interface Configuration:

Log in with username root and password default.

There are two different ways to do F5 VE management port settings. One is from part 1 using tmsh commands. Or we could use config wizard as show below.

After logged in, use config wizard to change your Mgmt Interface IP address and default route.

Last login: Sat Apr  2 10:15:55 2016
[[email protected]:NO LICENSE:Standalone] config # config


 


 





 


 


 



3. Activate Trial License for both VE

You can get your 90 day free trial license from https://www.f5.com/trial/big-ip-ltm-virtual-edition.php


After entered the registration key into your VE license page, you will get a dossier to generate license from F5 license activation page - https://activate.f5.com/license/dossier.jsp

admin/admin is the default Web GUI account. Here is how your VE looks like after activated license.



4. Create VLANs

Interface 1.1 -> Internal Vlan -> 10.1.1.1 and 10.1.1.2, floating IP is 10.1.1.3
Interface 1.2 -> External Vlan -> 172.17.3.1 and 172.17.3.2, floating IP is 172.17.3.3
Interface 1.3 -> SYNC HA Vlan -> 192.168.1.1 and 192.168.1.2

4.1 Using Wizard


 



 



 



 







 



 


 




 


4.2 Manually

 


 




 


 
 


You can verify self ip addresses by logging in F5 VE and pinging each other.

Last login: Sat Apr  2 20:09:33 2016
[[email protected]:Active] config # ping 10.1.1.3
PING 10.1.1.3 (10.1.1.3) 56(84) bytes of data.
64 bytes from 10.1.1.3: icmp_seq=1 ttl=255 time=2.71 ms
64 bytes from 10.1.1.3: icmp_seq=2 ttl=255 time=1.04 ms
^C
--- 10.1.1.3 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.047/1.883/2.719/0.836 ms

[[email protected]:Active] config # ping 172.17.3.1
PING 172.17.3.1 (172.17.3.1) 56(84) bytes of data.
64 bytes from 172.17.3.1: icmp_seq=1 ttl=64 time=0.026 ms
^C
--- 172.17.3.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.026/0.026/0.026/0.000 ms
[[email protected]:Active] config # ping 172.17.3.2
PING 172.17.3.2 (172.17.3.2) 56(84) bytes of data.
64 bytes from 172.17.3.2: icmp_seq=1 ttl=255 time=62.4 ms
^C
--- 172.17.3.2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 62.459/62.459/62.459/0.000 ms
[[email protected]:Active] config # ping 192.168.1.2
PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
64 bytes from 192.168.1.2: icmp_seq=1 ttl=255 time=35.0 ms
^C
--- 192.168.1.2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 35.005/35.005/35.005/0.000 ms
[[email protected]:Active] config # 

5. Device Group



 
 





 



Notes:

Fix the F5 sync state disconnected issue:
  1. Device Groups >(device group previously setup) put both boxes back to available.
  2. Delete the existing device group.
  3. Reset Device Trust. Choose Generate New Self-Signed Authority.
  4. REBOOT THE VE!!!!!!
  5. Device Trust>Peer list. Establish peering. (It is able to see peer no problem.)
  6. Create device groups. "test-sync-failover". Put both devices in "includes". and check Network Failover.
  7. Confirm both devices are in the Device List area.
  8. Overview>(click self device)>choose "Sync Device to Group">Choose "Overwrite Configuration">Sync

6. iApp
Getting Started with the iApp for HTTP applications
To begin the HTTP iApp Template, use the following procedure.
6.1. Log on to the BIG-IP system.
6.2. On the Main tab, expand iApp, and then click Application Services.
6.3. Click Create. The Template Selection page opens.
6.4. In the Name box, type a name. In our example, we use HTTP-app_.
6.5. From the Template list, select f5.http.
The HTTP template opens.



 


 




 
after I changed the string at 'What HTTP request should be sent to check the health of each HTTP server?' from default value 'GET /r/n' to 'GET /HTTP/1.0/\r\n\r\n', the virtual server's availability becomes green.




 
 


Reference:







No comments