Configure an Active/Standby pair Big-IP F5 Load Balancer in VMware Workstation (13.1.1-0.04)

I finally found some time to Deploy and Configure an F5 Load Balancer in my VMware Workstation LAB. The below steps will walk you through setting up an Active/Standby pair HA configuration for BIG-IP F5 13.1.1-0.0.4.

The whole set up went smooth but I did run into config sync issues between the primary and the standby that I was not able to resolve. After doing some research it looks like other were experiencing the same behavior when setting it up with an eval or trial license. I have set up version 12 without issues here so definitely looks like something odd is happening with version 13.

I also read that BIGIP-14.1.0-0.0.116 has the same problem where the primary will not be able to sync up with the standby once configured. I will try to update version 13 once a new build comes out to see if this has been fixed. The plan is to set up version 12 of BIG-IP to see if the config sync issues will be present. I will make another post with BIG-IP version 12 set up, here is the other post where version 12 works just fine.

Config sync issue:

After setting up the primary and then connecting them together I was getting inconsistent sync issues between the primary and secondary. This seems to affect the below build numbers of BIG-IP Virtual Edition which are currently the latest builds.
BIGIP-14.1.0-0.0.116 & BIG-IP F5 13.1.1-0.0.4

https://devcentral.f5.com/questions/dsc-is-not-coming-up-for-ltm-ves-after-initial-setup-62303

This article mentioned that this is as a result of a BUG:

https://devcentral.f5.com/questions/devices-are-not-synchronizing-configuration-to-each-other-59604

-Once you set up the primary and standby you will run into different config-sync inconsistencies. Standby will report it’s in sync, primary will report changes are pending.
-If you are using an Eval license or a trial license you may run into the config sync issue.
-DEV LAB licenses seem to work fine and config sync issue is not present but VMs need to have 8GB and 4vCPUs to run. I dont have a DEV LAB license to try out so can’t confirm.
-The appliances are configured for 4GB of RAM, i read that for HA Standby setup they need to have minimum of 8GB and 4vCPUs. Since my Desktop only had 16GB of memory. I tried to power it up with 8GB each but surprisingly my CPU got stuck at 100% and memory as well. I ended up running one VM on my Desktop and giving it 12GB memory 4vCPUs and another one on my Laptop that had an SSD and 16GB RAM, so the second VM also had 12GB. I changed all the VM networking to bridged, and changed my virtual network editor to bridge to my ethernet port. I connected my laptop and desktop to a basic switch and the VMs were able to ping each other. I did observe different config sync behavior after giving it more memory. My standby BIG-IP said it was in sync and my active said there are changes pending.
-I will be setting up version 12 of BIG-IP Virtual Edition as i heard that version works fine with the eval or trial license BIGIP-12.1.4-0.0.8.ALL-scsi

https://devcentral.f5.com/questions/dsc-is-not-coming-up-for-ltm-ves-after-initial-setup-62303

To get a trial of BIg IP, just register on their site, download the software and the keys will be e-mailed to you:
https://www.f5.com/trials

There are different ways to deploy the F5 but the last two places I worked in had it deployed as an active/standby configuration so I will try to mimic the same config here. Every datacenter that I have been to had multiple BIG-IP F5’s set up, I have been wanting to set this up in my lab for a while now.

The below guide will walk you through configuration of the primary and a second HA standby F5 server.

Virtual Network Editor
VMware Workstation > Edit > Virtual Network Editor

Here is what the Virtaul Machine looks like
VMNet1 – Management
VMNet2 – HA
VMNet3 – Internal
VMNet0 – External

F5 HA (Primary)

1.0 Management - 192.168.16.111 (vmnet1)
1.1 HA - 192.168.88.51 Floating IP: 192.168.88.53(vmnet2)
1.2 Internal - 192.168.245.201 - Floating IP:192.168.245.203 (vmnet3) - Web servers behind Internal 192.168.245.20 & 30
1.3 External - 192.168.11.50 - Floating IP: 192.68.11.61 (vmnet0 bridged 192.168.11.0)

F5 HA (Standby)

1.0 Management - 192.168.16.112 (vmnet1)
1.1 HA - 192.168.88.52 Floating IP: 192.168.88.53 (vmnet2)
1.2 Internal - 192.168.245.202 - Floating  IP: 192.168.245.203 (vmnet3) - Web servers behind Internal 192.168.245.20 & 30
1.3 External - 192.168.11.51 - Floating IP: 192.168.11.61 (vmnet0 bridged 192.168.11.0)

Configuring the Primary

Once you deploy the VMware Appliance run config t to configure the management network and the deafult gateway. Login with root/default

Configure the Management IP. My Default gateway is 192.168.16.2 for this virtual interface.

Now that the management interface is all set up I can open up a browser and connect to it. The default login is admin/default.

License the appliance, you will not be able to do much until you license it

Here is a licensed appliance, I applied the 30 day trial key.

Your Management network is set up already, you should see it by clicking on Platform. At this point youo need to click on Network and click Next to start the Wizard. The appliance is in a mode where it wants you to set up the rest of the network settings, then you will see menus that look much different once it’s all set up.

F5 HA (Primary)

1.0 Management - 192.168.16.111 (vmnet1)
1.1 HA - 192.168.88.51 Floating IP: 192.168.88.53(vmnet2)
1.2 Internal - 192.168.245.201 - Floating IP:192.168.245.203 (vmnet3) - Web servers behind Internal 192.168.245.20 & 30
1.3 External - 192.168.11.50 - Floating IP: 192.68.11.61 (vmnet0 bridged 192.168.11.0)


1.1 HA – 192.168.88.51 Floating IP: 192.168.88.53(vmnet2)
Note the “Select VLAN” drop down that is set to “HA” click Next to save

1.2 Internal – 192.168.245.201 – Floating IP:192.168.245.203 (vmnet3)
Web servers behind Internal 192.168.245.20 & 30

1.3 External – 192.168.11.50 – Floating IP: 192.68.11.61 (vmnet0 bridged 192.168.11.0)

Next screen is to set up NTP, i pointed it at my Domain Controller. You can put whatever here, the VM’s pick up the time from Virtual Bios so the time comes from my Desktop. Make sure both primary/standby have the same time as that can break config sync issues as well.

Fill in the rest, it’s for a lab so DC is my DNS etc

F5 sync options. Because the secondary is a standby, everything from the primary will need to sync with the secondary HA. I chose Internal network to do the sync. Once both are set up make sure that both of them have the same network set up for ConfigSync.


For Lab choose Unicast, you can read more about the differenc by googling unicast vs multicast.

Leave secondary blank

Primary is all set up, we can see it’s rporting as:
ONLINE (ACTIVE)
Standalone

Review what we have set up

Now the menu changes and we set a lot of new menus


another screenshot

another

another

Configuring the Secondary (Standby)

Power up the secnond Big F5 appliance

Login with
User: Root
Password: default
Run: config t to set up management network

F5 HA (Standby)

1.0 Management - 192.168.16.112 (vmnet1)
1.1 HA - 192.168.88.52 Floating IP: 192.168.88.53 (vmnet2)
1.2 Internal - 192.168.245.202 - Floating  IP: 192.168.245.203 (vmnet3) - Web servers behind Internal 192.168.245.20 & 30
1.3 External - 192.168.11.51 - Floating IP: 192.168.11.61 (vmnet0 bridged 192.168.11.0)

login with admin admin


license the server

ff

gg

hjh

1.2 Internal – 192.168.245.202 – Floating IP: 192.168.245.203 (vmnet3)

1.3 External – 192.168.11.51 – Floating IP: 192.168.11.61 (vmnet0)

1.1 HA – 192.168.88.52 Floating IP: 192.168.88.53 (vmnet2)

jdfkdnpt

config syc

dfdmm

jfkjdf

Establish an active stadnby pair

fjdkfjd enter node 1

cert matches my other de ice

dfdd

dfdkfd

now my primary has changed to standby and is waiting for me to sync

I restarted node2 as it was primary and node 1 took over

Sync Issues

I ran into an issue where i couldn’t sync up the standby HA server.

I tried remoivng both of the F5s from the Device Group, but only one would sync.

fix is to use a LAB license and

https://devcentral.f5.com/questions/dsc-is-not-coming-up-for-ltm-ves-after-initial-setup-62303

Not able to sync

This entry was posted in Networking and tagged , , , . Bookmark the permalink.

3 Responses to Configure an Active/Standby pair Big-IP F5 Load Balancer in VMware Workstation (13.1.1-0.04)

  1. up to standard and thank you for visiting online casino agents for Indonesia.
    Here we are here to allow entrance for fans of sbobet casino who desire to
    member the international agent site Promosbobet.

    The products offered are unquestionably diverse and are enormously the
    best choice. Derived from providers that have credibility
    and have been proven to have the best predicate in serving their customers.

    Providers similar to Sbobet, Maxbet and many more.

    As the best online casino and soccer gambling site
    in Indonesia. We meet the expense of maximum further
    behind customer retain that works online 24 full hours every day.
    fittingly members can pretend whenever and wherever without fearing to point the
    possibility of difficulties or confusion.

  2. Barrett says:

    Ubobet is an internationally trusted gambling dealer
    in the past 2001 until now. By holding endorsed admission for online gambling sites that meet the expense of various
    types of betting games. Games manageable combine Sportsbook,
    alive Casino and Cockfight. Ubobet has reached the entire world gambling broadcast
    including the Indonesian market. At present, all day there are
    more than 100 thousand players who entrust their bets in the city of Ubobet.

    Ubobet List Site

    To register an account, players cannot get it directly upon the Ubobet site.
    In other words, prospective players must register through the approved agent site
    for Ubobet listings such as Pandora188. By using Pandora188 ID the
    player can bet upon this city. How to register
    is quite easy, just by filling out the registration form correctly.

    After that create a addition of at least 25 thousand, later the player can bet upon Ubobet.
    all artiste who joins as a enthusiast at Pandora188 is entitled to a freebet
    bonus and next a daily increase added without exception.

    Ubobet Login

    After registering, players can log in upon Ubobet in two ways.

    The first is through certified buddies who have collaborations such
    as Pandora188. Because the two sites have already formed a partnership,
    which means that betting on the Pandora188 site is
    the similar as betting on Ubobet directly. Or by the second mannerism you can directly log in to the Ubobet site if you already have an account.
    How to log in Ubobet is quite easy, just enter your
    ID & password correctly.

  3. mabosway.com says:

    Mabosway alternating sites and mobile sports login connections – There are lots of online gambling agent sites scattered on the internet.
    Each of these sites has offers and features provided, including the types of gambling games available.
    Many online gambling sites unaccompanied give 1 to 3 types
    of games and very have excellent games they offer.

    Mabosway.com is an online gambling agent site that offers
    not abandoned 1 or 3 types of gambling games but 7 interesting types of gambling games that you can play.
    This proves that Mabosway is the most final
    betting site that offers not by yourself online soccer gambling,
    but Casino, Poker, Toto 4D, Bola Tangkas, Fish Hunter and online cockfighting gambling.
    This site is known as Mabosway Indonesia for members who come from Indonesia.

    Various types of online gambling games are thoroughly supported by the maximum support
    from Mabosway.com. One of them is the Customer service feature
    which is 24 hours standby to support increase and termination transactions for members.
    How to register is after that easy to do, especially for
    beginner bettors who are starting to bet for the
    first time.

    How to Apply for Mabosway

    How to register mabosway is very easy for unnamed people who want to begin playing
    online gambling. You deserted have to click the link NOW button upon the house page which will go directly to the registration form page.
    After successfully registering you will acquire a addict ID as an identity in the game.
    After everything is done, you are officially joined and become a member.

    After you officially become a devotee you are offered to choose
    the type of online gambling game that you can play.
    Here are 5 types of favorite online gambling games that you can put-on at Mabosway.com.

Leave a Reply

Your email address will not be published. Required fields are marked *