F5 101 – Application Delivery Controller (ADC) Part 6
Configuring High Availability Part 1
I am back in our F5 BIG-IP device GUI, and we have four tabs. The first two tabs are BIG-IP device one and BIG-IP device two, and these two tabs will be dedicated for configuration purposes. We also have the third and the fourth tab. These are BIG-IP device one and two, and they will be dedicated for statistics viewing only. Now, the first thing I will do is go to the first BIG-IP device and we will reconfigure back our HTTP VS. I’m going to click it, and under Resources I will associate our http_pool. I’m going to click Update and I’m going to remove this iRule, script client browser. I will click Finished. Under Properties, I will enable Source Address Translation. I’m going to select Auto Map. If you’re wondering what Source Address Translation is and what Auto Map is, we’re going to talk about it in the next section under Interpreting Traffic.
For now, we’ll just enable Auto Map. Okay, so there you have it. Another thing is that we want to reconfigure our High Availability or clustering configuration. Remember when we deleted our self IP addresses way back in our first section, we successfully deleted the 170, 216, 133 because we deactivated that specific IP address, the internal floating self IP address of the BIG-IP device. So we’ll go ahead and re-enable it. Under Device Management, select Devices. I will click our local device, the BIG-IP one, and under Mirroring I will enable the internal IP address. Oh, it’s not floating, it’s the self IP address. Excuse me. And under Failover, I will add the internal self IP address, and under Configuration Sync, I will also enable the self IP address. Okay, there you go. So I just added the self IP address under config sync, failover network and mirroring. So this means that I enabled the network failover. Because if you don’t add the 170, 216, 131 for unicast, it may not work, and neither will the config sync and mirroring. We will get an error when we add our trust member.
This is the first thing we will do for our Device Service Cluster or DSC. So I’ll go ahead and add the management IP address and the username of our second BIG-IP device, which is 192.168.1.32. And the username is admin. The password is admin one. I intentionally set the password of BIG-IP two the same as the first device. Why? Because after configuration sync, the password of BIG-IP two will be overwritten by BIG-IP one anyway. So if you’re setting up a cluster or High Availability, make sure that the passwords of all your BIG-IP devices are the same. So I will click Add Device to perform the device trust for both BIG-IP one and BIG-IP two. There you go.
So we now have the second device. And as you can see, it was Online, Active, Standalone. It became Online, Active, In Sync, and this changed on both of them. This means that both are still online and active, but they are now in trusted mode. They have now exchanged certificates, but they’re still not in the same cluster group. To enable that, we must create a device group. We still don’t have a device group yet, so I’m going to create one. I’m going to name this DG one and two, or device group for BIG-IP one and two. Now the group type should be Sync-Failover.
If you don’t select Sync-Failover, the High Availability, active-standby or active-active, will not work at all. And I’m going to select the available BIG-IP devices. So these are BIG-IP one and two. I’m going to click Finished now. Now before we click Finished, take note of the status: Online, Active and In Sync. It’s not Standalone anymore because we just enabled the trust relationship between the two devices. Now I’m going to hit Finished. Look at what will happen to our cluster status. Okay, still Online, Active, and it changed to Awaiting Initial Sync. Now as you can see, both are the same: Online, Active, Awaiting Initial Sync. But I believe the first device just changed to Online, Standby now. So that means our High Availability pair has started working. One is active and one is standby. And this is by default. We can only enable an active-active pair after creating a traffic group.
Okay, so here’s what we’re going to do next. Well, first off, let’s verify the configuration of our second device. As you can see, we only have one VS and this will be overwritten. It will be overwritten. And the reason why is because our BIG-IP device one has more virtual servers and we want to push this configuration to the second BIG-IP device. So how will that work? Under Device Management, we click Overview. Under Overview, you will see the devices in the group, and we have ourselves, our local device. We have the second device.
When you see Awaiting Initial Synchronization, that means they haven’t really synchronized their configuration. And that’s what we’re about to do. We select the first device and you see this: push the selected device to the group. Meaning I’m going to push the configuration of the first BIG-IP device to the second BIG-IP device right now. Please be very careful choosing the pull option here, because what might happen is we might pull the configuration of the second BIG-IP device to the first one and this will remove our virtual server configuration. Okay, so in a real-world scenario, I always recommend to just configure the first or the primary device and always use the push option here. Okay, on the second device, we have nothing except for one virtual server. I’m going to click Sync now. Notice what will happen to this status. Currently, it’s awaiting sync. It’s now syncing. As you can see here, right now the status is In Sync. The status on the upper left was changed to In Sync, and for the second device it also changed to In Sync. Now we are doing the High Availability active-standby mode. Okay? But we want the first device to become the active one. So what will happen?
Well, what will happen here is the first device is on standby. So we will just wait for the second device to go offline. And in order for a device to go offline, either you shut it off, shut it down, or you can force it offline here in the BIG-IP, or force it to standby. And that’s under Device Management, Devices. I’m going to click our second BIG-IP device. And if you go down below here, there’s an option, Force to Standby. You will see the second device become the standby device. Right? And the first one is now the active. So we have now finalized our setup. We have active-standby. The first device is the active. The second device is the standby. Not only that, let’s verify if the virtual servers have been pushed to the second device.
Oh, there you go. We now have four virtual servers: FTP, HTTP, HTTPS, and SSH. Now let’s test the active-standby mode. I have here my first device and I’m going to reset the statistics. And on the second device, I will also reset the statistics. I’m going to click Virtual Server. By the way, we select Virtual Server to monitor the statistics. I’m going to reset all. Okay, there you go. So the first device and the second BIG-IP device have zero when it comes to connections, bits and packets. All of the statistics are zero. Now we’ll go ahead and access the Windows client. I will open a web browser and I will access our HTTP VS. And as you can see, it’s connected to server one. If I hit refresh, it load balances to server three, then two, and one again. So load balancing works.
Next is to access our SSH VS. So let me minimize this web browser and let’s run this PuTTY icon to automatically log into our SSH VS multiple times. So I’ll do it three times. Let’s go back to our statistics page. This is the first BIG-IP statistics page. I will hit refresh and you can see that there is traffic that is sent and received on the HTTP VS and the SSH VS. And then again, this is the first BIG-IP device, the active one. The second BIG-IP device, let’s see. I’ll hit refresh again. Oh, there is no increment. The VS statistics are all zeros. Why? Because this device is in standby mode.
Before we create the new traffic group and test the active-active pair, let’s first create a new floating self IP address for the second BIG-IP device. But we will do this on BIG-IP one. So under Network, I’ll select Self IPs. And here I’m going to click Create. I’m going to add the first floating IP address, which is 10.10.2.33, and the name and IP address will be the same. I’m going to use /16 and I’m going to make this traffic group one floating, which is the default traffic group. I’m also going to create the internal floating self IP address. I’m going to use /16 as well. This is internal and I’m going to use again traffic group one. Okay? So by default we only have one floating traffic group, which is TG one or traffic group one. Now I am going to select Traffic Groups, and you see there is only one traffic group available, which is the default. I’m going to create a new traffic group. Now, TG two will be the name and I will leave everything default. Click Create Traffic Group. There you go. We now have the new traffic group TG two.
And as you can see, it’s now active on the first device. Let’s go ahead and associate the two floating IP addresses with the new traffic group. Again, all of the floating self IP addresses are using traffic group one, but these two new floating IPs will now be associated with TG two. I’m going to click Update, okay? And the second IP address, 172.16.2.33, will also be part of traffic group two. I’m going to click Update now. All right, if I click Self IPs you will see that the two floating IP addresses we just added are now part of the TG two traffic group. We will also move the virtual server 1010, 110, 100 to that traffic group too. But how? It’s not available under the virtual server properties nor resources. No, it’s not available there, because the objects that you add to a traffic group are not virtual servers.
These are what we call virtual addresses, because the object is based on the IP address, not the IP address and port. So this is the virtual address of the two virtual servers, the HTTP VS and the HTTPS VS. I’m going to click this, and under here, Traffic Group, it is currently under traffic group one. I’m going to associate it with TG two. I’m going to click Update now. Okay, so what we just did is we created a traffic group two or TG two, and I’m going to show you, we added three objects. Under Device Management, if I go back to the Traffic Groups page, you will see TG two and the failover objects count is three.
Now the reason why we still have seven traffic groups, I believe I created a SNAT pool, which I should have deleted. That is fine. So these are virtual servers, self IP addresses, and I believe two or three SNATs anyway. So what I will do next is I’m going to push the configuration to the second device under Device Management, Overview. I will select BIG-IP one.
And always, please be very careful not to select the pull, the most recent configuration, because what will happen is we might pull the configuration from the second device. I’m going to click Sync now. As you can see, it’s syncing. If I go to the second device, the configuration status just changed to In Sync. Right? And let’s verify. If we go to Network and Self IPs, we now have this new floating IP address that is under traffic group two. And if we go to the virtual address list, let’s check. Oh, there you go. So this address 1010 10 is now under traffic group two as well.
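The push-versus-pull warning above can be checked before clicking Sync. The following is an added sketch, not part of the original lesson and not F5 tooling: it assumes a simplified model in which a sync replaces the receiving device's objects with the sender's, and the two inventories (including the name of the single virtual server on the second device) are constructed for illustration.

```python
# Simplified model (an assumption): a sync replaces the receiving device's
# synced objects with the sending device's copy.
# Inventories are constructed; object names loosely follow the walkthrough.

def sync_impact(sender, receiver):
    """Describe what changes on `receiver` if `sender`'s config overwrites it."""
    impact = {"added": [], "removed": [], "changed": []}
    for kind in sorted(set(sender) | set(receiver)):
        src, dst = sender.get(kind, {}), receiver.get(kind, {})
        for name in sorted(set(src) | set(dst)):
            label = f"{kind}/{name}"
            if name not in dst:
                impact["added"].append(label)      # receiver gains it
            elif name not in src:
                impact["removed"].append(label)    # receiver loses it
            elif src[name] != dst[name]:
                impact["changed"].append(label)    # receiver's copy overwritten
    return impact


def choose_direction(local, peer):
    """Return 'push' or 'pull' when only that direction deletes nothing.

    Returns 'review' when both directions or neither direction deletes objects.
    """
    push = sync_impact(local, peer)   # local overwrites peer
    pull = sync_impact(peer, local)   # peer overwrites local
    if not push["removed"] and pull["removed"]:
        return "push", push
    if not pull["removed"] and push["removed"]:
        return "pull", pull
    return "review", {"push": push, "pull": pull}


BIGIP1 = {  # constructed: the device that was configured first
    "virtual": {"http_vs": {"pool": "http_pool", "snat": "automap"},
                "https_vs": {}, "ssh_vs": {}, "ftp_vs": {}},
    "traffic-group": {"traffic-group-1": {}, "TG2": {}},
}
BIGIP2 = {  # constructed: the peer with a single virtual server
    "virtual": {"http_vs": {"pool": None, "snat": None}},
    "traffic-group": {"traffic-group-1": {}},
}

if __name__ == "__main__":
    direction, impact = choose_direction(BIGIP1, BIGIP2)
    print(direction, impact)
```

With these inventories a pull would delete three virtual servers and TG2 from the first device, which is the loss the lesson warns about.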
Now let’s test the active-active setup. As you know, the first device is still using the default group, traffic group one. This includes the HTTPS VS. No, not the HTTPS VS, the SSH and FTP. And the second device is now active. Excuse me. Oh, it’s still not active. We still need to make sure that TG two will be active on the second device. How can we do that? All right, here’s how to do it. Under Device Management, Traffic Groups, you will see here that TG two is active on the first device, right? And this is the reason why the second device is still standby, because traffic group two is still active on the first device. So, here’s what we’re going to do. I think we cannot do it here because you cannot select it. See, you cannot select the tick box because TG two is not active on this device. So we need to go back to the first device and select Traffic Groups. You will now see the tick box available. And if I click Force to Standby, TG two will be activated on BIG-IP two.
Okay, let’s do it. And what will happen is the status will become Online, Active. So this will become active mode from standby for BIG-IP two. As you can see, the next active device will be the BIG-IP two device. Force to Standby. And let’s monitor. There you go. From standby, it went to active-active. So it is now an active-active device pair. Okay, so let’s test our active-active pair. Now let’s reset the statistics. And we still have a pending connection to our HTTP VS because of the idle connection. That is fine. We still don’t see any incoming bits and packets. So we can now test our two devices, one active for SSH and FTP, the other active for the HTTP VS and HTTPS VS. So I will go ahead and open a web browser and I’m going to hit refresh multiple times.
What we expect is that this traffic will go to the second device, because the virtual address ten 100 is active on the second device, because it’s part of TG two or traffic group two. I will also open multiple SSH connections, and the HTTP, not HTTP, excuse me, the SSH VS or the virtual address ten one two is active on the first device because it’s still on traffic group one. So I’m going to open multiple SSH connections and let’s go back to our statistics. This is the first device. Again, we’re expecting incoming traffic to the SSH VS. I’m going to hit refresh, and as you can see, the SSH VS is now getting traffic. How about the second device? I will hit refresh.
As you can see, we still have more traffic to the HTTP VS. Now, the reason why we have this incoming traffic is that this was the idle connection that is sending a little data to the VS because it’s idle. But if I continue hitting refresh, it’s currently 68K on the second device. If I hit refresh, it went up to 99.5K. Okay. All right. So the active is obviously on the second device. And if I select Pools under Statistics, you will see that it is load balanced to pool one, pool two, and pool three. So we just verified how to create traffic group two and make it active on the second device, so that we completed the active-active pair.