This post is second part for configuring F5 BigIP LTM v11.5.3 High Availability. You can find other related posts in this blog:
- F5 Big IP 2000s Appliance Initial Configuration
- F5 BigIP LTM v11.5.3 Virtual Appliance Configuration – Part 1
- F5 BigIP LTM v11.5.3 Virtual Appliance Configuration – Part 2
- F5 BigIP LTM Basic Configuration Steps
- F5 Big-IP 2500 Appliance System Initial Configuration
- Download and Install F5 BIG-IP v11.x / Virtual Edition 11.3.x into Vmware Workstation
1. Topology:
Logical Topology:
Four Networks:
- Management Network – Network Adapter 1 in F5 VE – 192.168.2.26/24 and 192.168.2.27/24
- Internal Network – Network Adapter 2 in F5 VE – 10.1.1.1/24 and 10.1.1.2/24
- External Network – Network Adapter 3 in F5 VE – 172.17.3.1/24 and 172.17.3.2/24
- HA Network – Network Adapter 4 in F5 VE – 192.168.1.1/24 and 192.168.1.2/24
Networking Configuration in my Virtual Lab Environment:
2. Mgmt Interface Configuration:
Log in with username root and password default.
There are two different ways to do F5 VE management port settings. One is from part 1 using tmsh commands. Or we could use config wizard as show below.
After logged in, use config wizard to change your Mgmt Interface IP address and default route.
Last login: Sat Apr 2 10:15:55 2016
[root@localhost:NO LICENSE:Standalone] config # config |
You can get your 90 day free trial license from https://www.f5.com/trial/big-ip-ltm-virtual-edition.php
After entered the registration key into your VE license page, you will get a dossier to generate license from F5 license activation page – https://activate.f5.com/license/dossier.jsp
admin/admin is the default Web GUI account. Here is how your VE looks like after activated license.
4. Create VLANs
Interface 1.1 -> Internal Vlan -> 10.1.1.1 and 10.1.1.2, floating IP is 10.1.1.3
Interface 1.2 -> External Vlan -> 172.17.3.1 and 172.17.3.2, floating IP is 172.17.3.3
Interface 1.3 -> SYNC HA Vlan -> 192.168.1.1 and 192.168.1.2
4.1 Using Wizard
4.2 Manually
Last login: Sat Apr 2 20:09:33 2016
[root@ltm-1:Active] config # ping 10.1.1.3 PING 10.1.1.3 (10.1.1.3) 56(84) bytes of data. 64 bytes from 10.1.1.3: icmp_seq=1 ttl=255 time=2.71 ms 64 bytes from 10.1.1.3: icmp_seq=2 ttl=255 time=1.04 ms ^C — 10.1.1.3 ping statistics — 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 1.047/1.883/2.719/0.836 ms [root@ltm-1:Active] config # ping 172.17.3.1 |
5. Device Group
Notes:
Fix the F5 sync state disconnected issue:
- Device Groups >(device group previously setup) put both boxes back to available.
- Delete the existing device group.
- Reset Device Trust. Choose Generate New Self-Signed Authority.
- REBOOT THE VE!!!!!!
- Device Trust>Peer list. Establish peering. (It is able to see peer no problem.)
- Create device groups. “test-sync-failover”. Put both devices in “includes”. and check Network Failover.
- Confirm both devices are in the Device List area.
- Overview>(click self device)>choose “Sync Device to Group”>Choose “Overwrite Configuration”>Sync
6. iApp
Getting Started with the iApp for HTTP applications
To begin the HTTP iApp Template, use the following procedure.
6.1. Log on to the BIG-IP system.
6.2. On the Main tab, expand iApp, and then click Application Services.
6.3. Click Create. The Template Selection page opens.
6.4. In the Name box, type a name. In our example, we use HTTP-app_.
6.5. From the Template list, select f5.http.
The HTTP template opens.
Reference:
- BIG-IP Virtual Edition 11.3.0 Trial Quick Start Instructions
- BIG-IP Redundant Systems Configuration Guide
- BigIP F5 LTM – High Availability / DSC (v11.x)