Shulou(Shulou.com)06/01 Report--

F5 BIG-IP HA configuration is prepared to plan the network topology and address before doing the HA experiment, so that it is easier to configure HA. The topology is as follows:

IP Information:

BIGIP-1 Management ip:192.168.150.129

BIGIP-2 Management ip:192.168.150.130

External vlan13 corresponds to ip segment: 13.1.1.0 + 24

Internal vlan12 corresponds to ip segment: 12.1.1.0 + 24

BIGIP HA ip paragraph: 11.1.1.1-2Universe 30

Note:

Two bigip. It is best to configure the second bigip first and then the first bigip.

If it is a bigip, then configure the operation of bigip-2 on it.

Configure bigip-2

General configuration

The configuration includes:

Management address hostname (must be standard FQDN) time zone modify default root password change default admin password enable ssh

After accepting the application of the configuration information, the system will log out and enter a new password to log in. You will enter the network configuration phase:

Network configuration Select Standard Network, next:

Configure device redundancy options, which are available by default, next:

Configure the internal network

The contents include:

The float ip interface of the ip internal interface of the inside interface selects the specified connection interface, the tagging selects untagged, and then add

NEXT after selection:

Configure external network

The contents include:

Ip external interface of external interface default gateway float ip interface of external interface ip external interface select the specified connection interface, tagging select untagged, and then add

NEXT after selection:

Configure the HA network

The contents include:

The ipHA interface of the HA interface selects the specified connection interface, tagging selects untagged, and then add

NEXT after selection:

Configure time server

The local machine is specified by default here.

If you have an internal NTP, you can specify either the internal ntp or the public network ntp.

Configure dns

According to the configuration of the requirements, the default is:

Configure synchronous links

It is best to choose HA.

Failover configuration

There are only HA links by default, and you can add both internal and external through the ADD in the upper right corner.

Mirror link configuration

The mirrored configuration can use the internal network as a backup link.

End of BIGIP-2 configuration

Select the bottom "Finished" to finish.

After the configuration is complete, you will see the following information:

Configure bigip-1 generic configuration

The configuration includes:

Management address hostname (must be standard FQDN) time zone modify default root password change default admin password enable ssh

After accepting the application of the configuration information, the system will log out and enter a new password to log in. You will enter the network configuration phase:

Network configuration Select Standard Network, next:

Configure device redundancy options, which are available by default, next:

Configure the internal network

The contents include:

The float ip interface of the ip internal interface of the inside interface selects the specified connection interface, the tagging selects untagged, and then add

NEXT after selection:

Configure external network

The contents include:

Ip external interface of external interface default gateway float ip interface of external interface ip external interface select the specified connection interface, tagging select untagged, and then add

NEXT after selection:

Configure the HA network

The contents include:

The ipHA interface of the HA interface selects the specified connection interface, tagging selects untagged, and then add

NEXT after selection:

Configure time server

The local machine is specified by default here.

If you have an internal NTP, you can specify either the internal ntp or the public network ntp.

Configure dns

According to the configuration of the requirements, the default is:

Configure synchronous links

It is best to choose HA.

Failover configuration

There are only HA links by default, and you can add both internal and external through the ADD in the upper right corner.

Mirror link configuration

The mirrored configuration can use the internal network as a backup link.

Active and standby configuration standard active and standby configuration

Or configure on the first BIG-IP: select the Next of "Standard pair configuration":

Discovery of active and standby equipment

The main idea of this paragraph is: if you do have two devices to configure active and standby, click NEXT to find the second device. The system will automatically create a trust, create a device group, use HA to configure synchronization and high availability, and create a traffic group to support the active and standby configuration.

Remote device information

In fact, it is the ip and username and password of the slave phone. Click "Retrieve Device Information":

Click "Finished" to finish.

After waiting for the device to be configured, you will see that both bigip are in the "awiting initial sync" state.

And the device will choose the master / slave according to the ip address: the master is active and the quilt is standby.

Perform the first manual synchronization

The next operation is done on the active master device.

Follow the picture to enter the options:

At the Sync Options option:

Select sync device to group (that is, synchronize the configuration of local devices into the group to achieve the first synchronization between master and slave. Overwrite configuration (override configuration, since both devices are initialized configurations, you don't need to select this. If standby has been configured with something else, you can choose here to overwrite the standby device directly, otherwise the synchronization will not succeed. Then click sync at the bottom to synchronize.

After the synchronization is complete, you will see that the status of both bigip is displayed as in sync, and both devices are shown as green.

Configure automatic synchronization

Click in according to the picture:

Check "Automatic Sync" and select Update:

Now go to standby to see that you have the same configuration:

Manual switching between active and standby

Click in according to the picture:

Force the primary device to standby:

View the switching result:

Configure vlan link monitoring

In fact, the configuration here is to monitor the internal, external, HA and other links of F5 BIG-IP, and automatically switch when there is a problem with the link.

Click in according to the picture:

Increase configuration

Add

Active: represents the status of the device after a problem with the device link, there are 4 types:

Reboot restart device restart all restart all services actively switch to standby, and restart TM service actively switch to standby

Add one after another:

You also need to do the same thing on the standby device.

Simulated failover when the big-ip public network link is down

Current status:

BIG-IP-1 is the Lord.

BIG-IP-2 is standby.

Simulate public network link outage by shutdown port g1ramp 0 on GW5800.

Realize that BIG-IP automatically switches to BIG-IP-2.

BIG-IP-1 has automatically switched to standby:

BIG-IP-2 becomes active:

When the link of BIG-IP-1 is restored, it will not actively switch back to active, it will always be standby, unless there is a problem with big-ip-2, it will be switched to active.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.