This post is second part for configuring F5 BigIP LTM v11.5.3  High Availability. You can find other related posts in this blog:

1. Topology:

Logical Topology:

Four Networks:

  • Management Network – Network Adapter 1 in F5 VE – 192.168.2.26/24 and 192.168.2.27/24
  • Internal Network – Network Adapter 2 in F5 VE – 10.1.1.1/24 and 10.1.1.2/24
  • External Network – Network Adapter 3 in F5 VE – 172.17.3.1/24 and 172.17.3.2/24
  • HA Network – Network Adapter 4 in F5 VE – 192.168.1.1/24 and 192.168.1.2/24

Networking Configuration in my Virtual Lab Environment:

2. Mgmt Interface Configuration:

Log in with username root and password default.

There are two different ways to do F5 VE management port settings. One is from part 1 using tmsh commands. Or we could use config wizard as show below.

After logged in, use config wizard to change your Mgmt Interface IP address and default route.

Last login: Sat Apr  2 10:15:55 2016
[root@localhost:NO LICENSE:Standalone] config # config

 



 





 



 



 


3. Activate Trial License for both VE

You can get your 90 day free trial license from https://www.f5.com/trial/big-ip-ltm-virtual-edition.php

After entered the registration key into your VE license page, you will get a dossier to generate license from F5 license activation page – https://activate.f5.com/license/dossier.jsp

admin/admin is the default Web GUI account. Here is how your VE looks like after activated license.

4. Create VLANs

Interface 1.1 -> Internal Vlan -> 10.1.1.1 and 10.1.1.2, floating IP is 10.1.1.3
Interface 1.2 -> External Vlan -> 172.17.3.1 and 172.17.3.2, floating IP is 172.17.3.3
Interface 1.3 -> SYNC HA Vlan -> 192.168.1.1 and 192.168.1.2

4.1 Using Wizard

 



 



 



 






 



 


 





 

4.2 Manually

 



 



 



 
 


You can verify self ip addresses by logging in F5 VE and pinging each other.

Last login: Sat Apr  2 20:09:33 2016
[root@ltm-1:Active] config # ping 10.1.1.3
PING 10.1.1.3 (10.1.1.3) 56(84) bytes of data.
64 bytes from 10.1.1.3: icmp_seq=1 ttl=255 time=2.71 ms
64 bytes from 10.1.1.3: icmp_seq=2 ttl=255 time=1.04 ms
^C
— 10.1.1.3 ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.047/1.883/2.719/0.836 ms

[root@ltm-1:Active] config # ping 172.17.3.1
PING 172.17.3.1 (172.17.3.1) 56(84) bytes of data.
64 bytes from 172.17.3.1: icmp_seq=1 ttl=64 time=0.026 ms
^C
— 172.17.3.1 ping statistics —
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.026/0.026/0.026/0.000 ms
[root@ltm-1:Active] config # ping 172.17.3.2
PING 172.17.3.2 (172.17.3.2) 56(84) bytes of data.
64 bytes from 172.17.3.2: icmp_seq=1 ttl=255 time=62.4 ms
^C
— 172.17.3.2 ping statistics —
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 62.459/62.459/62.459/0.000 ms
[root@ltm-1:Active] config # ping 192.168.1.2
PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
64 bytes from 192.168.1.2: icmp_seq=1 ttl=255 time=35.0 ms
^C
— 192.168.1.2 ping statistics —
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 35.005/35.005/35.005/0.000 ms
[root@ltm-1:Active] config # 


5. Device Group



 

 



 




Notes:

Fix the F5 sync state disconnected issue:

  1. Device Groups >(device group previously setup) put both boxes back to available.
  2. Delete the existing device group.
  3. Reset Device Trust. Choose Generate New Self-Signed Authority.
  4. REBOOT THE VE!!!!!!
  5. Device Trust>Peer list. Establish peering. (It is able to see peer no problem.)
  6. Create device groups. “test-sync-failover”. Put both devices in “includes”. and check Network Failover.
  7. Confirm both devices are in the Device List area.
  8. Overview>(click self device)>choose “Sync Device to Group”>Choose “Overwrite Configuration”>Sync


6. iApp
Getting Started with the iApp for HTTP applications
To begin the HTTP iApp Template, use the following procedure.
6.1. Log on to the BIG-IP system.
6.2. On the Main tab, expand iApp, and then click Application Services.
6.3. Click Create. The Template Selection page opens.
6.4. In the Name box, type a name. In our example, we use HTTP-app_.
6.5. From the Template list, select f5.http.
The HTTP template opens.

 

 




 
after I changed the string at ‘What HTTP request should be sent to check the health of each HTTP server?’ from default value ‘GET /r/n’ to ‘GET /HTTP/1.0/rnrn’, the virtual server’s availability becomes green.

 

 

Reference:

By Jon

Leave a Reply