Manual Chapter :
Creating an Active-Active Configuration using the Configuration Utility
Applies To:
Show VersionsBIG-IP AAM
- 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0
BIG-IP APM
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0
BIG-IP Analytics
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0
BIG-IP Link Controller
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0
BIG-IP LTM
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0
BIG-IP PEM
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0
BIG-IP AFM
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0
BIG-IP DNS
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0
BIG-IP ASM
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0
Creating an Active-Active Configuration using the Configuration Utility
Overview: Creating an active-active DSC configuration
A common TMOS® device service
clustering (DSC®) implementation is an active-standby
configuration, where a single traffic group is active on one of the devices in the device group,
and is in a standby state on a peer device. Alternatively however, you can create a second
traffic group and activate that traffic group on a peer device. In this
active-active
configuration, the devices each process traffic for a
different application simultaneously. If one of the devices in the device group goes offline, the
traffic group that was active on that device fails over to a peer device. The result is that two
traffic groups can become active in the device group.To implement this DSC implementation, you create a Sync-Failover device group. A Sync-Failover
device group with two or more members provides configuration synchronization and device failover,
and optionally, connection mirroring.
About DSC
configuration on a VIPRION system
The way you configure device service clustering () (also known as redundancy) on a VIPRION system varies depending on whether the system is provisioned to
run the vCMP feature.
For non-vCMP
systems
For a device group that consists of VIPRION systems that are not licensed
and provisioned for vCMP, each VIPRION cluster constitutes an individual device group member.
The following table describes the IP addresses that you must specify when configuring
redundancy.
Feature |
IP addresses required |
---|---|
Device trust |
A primary floating management IP address (IPv4 or IPv6) for the
VIPRION cluster. |
ConfigSync |
The unicast non-floating self IP address assigned to VLAN
internal . |
Failover |
|
Connection mirroring |
For the primary address, the non-floating self IP address that
you assigned to VLAN HA . The
secondary address is not required, but you can specify any non-floating self IP address for
a VLAN on the internal network. |
For vCMP systems
On a vCMP system, the devices in a device group are virtual devices, known
as
vCMP guests
. You configure device trust, config sync,
failover, and mirroring to occur between equivalent vCMP guests in separate chassis.For example, if you have a pair of VIPRION systems running vCMP, and each
system has three vCMP guests, you can create a separate device group for each pair of equivalent
guests. Table 4.2 shows an example.
Device groups for vCMP |
Device group members |
---|---|
Device-Group-A |
|
Device-Group-B |
|
Device-Group-C |
|
By isolating guests into separate device groups, you ensure that each guest
synchronizes and fails over to its equivalent guest. The following table describes the IP
addresses that you must specify when configuring redundancy.
Feature |
IP addresses required |
---|---|
Device trust |
A cluster management IP address (IPv4 or IPv6) of the
guest. |
ConfigSync |
The non-floating self IP address on the guest that is
associated with VLAN internal on
the host. |
Failover |
|
Connection mirroring |
For the primary address, the non-floating self IP address on
the guest that is associated with VLAN internal on the host. The secondary address is not required, but you can
specify any non-floating self IP address on the guest that is associated with an internal
VLAN on the host. |
DSC prerequisite worksheet
Before you set up device service clustering (DSC®), you must configure these BIG-IP® components on each device that you intend to include in the device group.
Configuration component | Considerations |
---|---|
Hardware, licensing, and provisioning | Devices in a device group must match with respect to product licensing and module provisioning. Heterogeneous hardware platforms within a device group are supported. |
BIG-IP software version | Each device should be running BIG-IP version 12.x or higher. This ensures successful configuration synchronization. |
Management IP addresses | Each device must have at least one management IP address (IPv4, IPv6, or both), a network mask, and a management route defined. |
FQDN | Each device must have a fully-qualified domain name (FQDN) as its host name. |
User name and password | Each device must have a user name and password defined on it that you will use when logging in to the BIG-IP Configuration utility. |
root folder properties | The platform properties for the root folder must be set correctly (Sync-Failover and traffic-group-1 ). |
VLANs | You must create these VLANs on each device, if you have not already done so:
|
Self IP addresses | You must create these self IP addresses on each device, if you have not already done so:
When you create floating self IP addresses, the BIG-IP system
automatically adds them to the default floating traffic group,
traffic-group-1 . To add a self IP address to a different
traffic group, you must modify the value of the self IP address Traffic
Group property.If the BIG-IP device you are configuring is accessed using
Amazon Web Services, then the IP address you specify must be the floating
IP address for high availability fast failover that you configured for the EC2
instance. |
Port lockdown | For self IP addresses that you create on each device, you should verify that the Port Lockdown setting is set to Allow All , All Default , or Allow Custom . Do not specify None . |
Application-related objects | You must create any virtual IP addresses and optionally, SNAT translation addresses, as part of the local traffic configuration. You must also configure any iApps application services if they are required for your application. When you create these addresses or services, the objects automatically become members of the default traffic group, traffic-group-1 . |
Time synchronization | The times set by the NTP service on all devices must be synchronized. This is a requirement for configuration synchronization to operate successfully. |
Device certificates | Verify that each device includes an x509 device certificate. Devices with device certificates can authenticate and therefore trust one another, which is a prerequisite for device-to-device communication and data exchange. |
Switchboard failsafe | If your devices are provisioned for vCMP® and your guests are members of a device group, make sure the guests' switchboard failsafe setting is set to the default value. Any change from the default switchboard failsafe configuration must always be done on the vCMP host, and not on the guests. |
Configurations using Sync-Failover device groups
This illustration shows two separate Sync-Failover device groups. In the first device group,
only
LTM1
processes application traffic, and the two BIG-IP devices are
configured to provide active-standby high availability. This means that
LTM1
and LTM2
synchronize their configurations,
and the failover objects on LTM1
float to LTM2
if
LTM1
becomes unavailable. In the second device group, both
LTM1
and
LTM2
process application traffic, and the BIG-IP devices are configured to
provide active-active high availability. This means that LTM1
and
LTM2
synchronize their configurations, the failover objects on
LTM1
float to LTM2
if LTM1
becomes unavailable, and the failover objects on LTM2
float to
LTM1
if LTM2
becomes unavailable. Specifying an IP address for config sync
Before configuring the config sync address, verify that all devices in the device
group are running the same version of BIG-IP system software.
You perform this task to specify the IP address on the local device that other devices in the
device group will use to synchronize their configuration objects to the local device.
You must perform this task locally on each device in the device group.
- Confirm that you are logged in to the device you want to configure.
- On the Main tab, click.This displays a list of device objects discovered by the local device.
- In the Name column, click the name of the device to which you are currently logged in.
- Near the top of the screen, clickConfigSync.
- From theLocal Addresslist, retain the displayed IP address or select another address from the list.F5 Networks recommends that you use the default value, which is the self IP address for the internal VLAN. This address must be a non-floating (static) self IP address and not a management IP address.If the BIG-IP device you are configuring is accessed using Amazon Web Services, then the internal self IP address that you select must be an internal private IP address that you configured for this EC2 instance as theLocal Address.
- ClickUpdate.
After performing this task, the other devices in the device group can synchronize
their configurations to the local device whenever a sync operation is
initiated.
Specifying an IP address for connection mirroring
You can specify the local self IP address that you want other devices in a device group to use when mirroring their connections to this device. Connection mirroring ensures that in-process connections for an active traffic group are not dropped when failover occurs. You typically perform this task when you initially set up device service clustering (DSC).
When performing this task, make sure you consider the following:
- You must perform this task locally on each device in the device group.
- Connection mirroring only functions between devices with identical hardware platforms.
- For the VLAN associated with the self IP address that you specify for connection mirroring, make sure that the VLAN'sCMP Hashsetting is set to the default value. Otherwise, the system cannot establish the HA connection.
- Confirm that you are logged in to the device you want to configure.
- On the Main tab, click.This displays a list of device objects discovered by the local device.
- In the Name column, click the name of the device to which you are currently logged in.
- Near the top of the screen, clickMirroring.
- For thePrimary Local Mirror Addresssetting, retain the displayed IP address or select another address from the list.The recommended IP address is the self IP address for VLANHA. You can also use VLANinternal.If the BIG-IP device you are configuring is accessed using Amazon Web Services, then the self IP address you specify must be one of the private IP addresses that you configured for this EC2 instance as thePrimary Local Mirror Address.
- For theSecondary Local Mirror Addresssetting, retain the default value ofNone, or select an address from the list.This setting is optional. The system uses the selected IP address in the event that the primary mirroring address becomes unavailable.
- ClickUpdate.
In addition to specifying an IP address for mirroring, you must also enable connection mirroring on the relevant virtual servers on this device.
Establishing device trust
Before you begin this task, verify that:
- Each BIG-IP device that is to be part of the local trust domain has a device certificate installed on it.
- The local device is designated as a certificate signing authority.
You perform this task to establish trust among devices on one or more network segments. Devices that trust each other constitute the
local trust domain
. A device must be a member of the local trust domain prior to joining a device group.By default, the BIG-IP software includes a local trust domain with one member, which is the local device. You can choose any one of the BIG-IP devices slated for a device group and log into that device to add other devices to the local trust domain. For example, devices
Bigip_1
, Bigip_2
, and Bigip_3
each initially shows only itself as a member of the local trust domain. To configure the local trust domain to include all three devices, you can simply log into device Bigip_1
and add devices Bigip_2
and Bigip_3
to the local trust domain; there is no need to repeat this process on devices Bigip_2
and Bigip_3
.- On the Main tab, click.
- ClickAdd.
- From theDevice Typelist, selectPeerorSubordinate.
- Type a device IP address, administrator user name, and administrator password for the remote BIG-IP device with which you want to establish trust. The IP address you specify depends on the type of BIG-IP device:
- If the BIG-IP device is an appliance, type a management IP address (IPv4 or IPv6) for the device.
- If the BIG-IP device is a VIPRION device that is not licensed and provisioned for vCMP, type a primary cluster management IP address (IPv4 or IPv6) for the cluster.
- If the BIG-IP device is a VIPRION device that is licensed and provisioned for vCMP, then type a cluster management IP address (IPv4 or IPv6) for the guest.
- If the BIG-IP device is an Amazon Web Services EC2 device, type one of the Private IP addresses created for this EC2 instance.
- ClickRetrieve Device Information.
- Verify that the certificate of the remote device is correct, and then clickDevice Certificate Matches.
- In theNamefield, verify that the name of the remote device is correct.
- ClickAdd Device.
After you perform this task, the local device is now a member of the local trust domain. Also, the BIG-IP system automatically creates a special Sync-Only device group for the purpose of synchronizing trust information among the devices in the local trust domain, on an ongoing basis.
Repeat this task to specify each device that you want to add to the local trust domain.
Creating a Sync-Failover device group
This task establishes failover capability between two or more BIG-IP devices. If an active device in a Sync-Failover device group becomes unavailable, the configuration objects fail over to another member of the device group and traffic processing is unaffected. You perform this task on any one of the authority devices within the local trust domain.
Repeat this task for each Sync-Failover device group that you want to create for your network configuration.
- On the Main tab, click.
- On the Device Groups list screen, clickCreate.The New Device Group screen opens.
- In theNamefield, type a name for the device group.
- From theGroup Typelist, selectSync-Failover.
- In theDescriptionfield, type a description of the device group.This setting is optional.
- From theConfigurationlist, selectAdvanced.
- For theMemberssetting, select a host name from theAvailablelist for each BIG-IP device that you want to include in the device group, including the local device. Use the Move button to move the host name to theIncludeslist.TheAvailablelist shows any devices that are members of the device's local trust domain but not currently members of a Sync-Failover device group. A device can be a member of one Sync-Failover group only. Also, for vCMP-provisioned systems on platforms that contain a hardware security module (HSM) supporting FIPS multi-tenancy, the FIPS partitions on the guests in the device group must be identical with respect to the number of SSL cores allocated to the guest's FIPS partition and the maximum number of private SSL keys that the guest can store on the HSM.
- From theSync Typelist:
- SelectAutomatic with Incremental Syncwhen you want the BIG-IP system to automatically sync the most recent BIG-IP configuration changes from a device to the other members of the device group. In this case, the BIG-IP system syncs the configuration data whenever the data changes on any device in the device group.
- SelectManual with Incremental Syncwhen you want to manually initiate a config sync operation. In this case, the BIG-IP system syncs the latest BIG-IP configuration changes from the device you choose to the other members of the device group. We strongly recommend that you perform a config sync operation whenever configuration data changes on one of the devices in the device group.
- SelectManual with Full Syncwhen you want to manually initiate a config sync operation. In this case, the BIG-IP system syncs the full set of BIG-IP configuration data from the device you choose to the other members of the device group. We strongly recommend that you perform a config sync operation whenever configuration data changes on one of the devices in the device group.
- In theMaximum Incremental Sync Size (KB)field, retain the default value of1024, or type a different value.This value specifies the total size of configuration changes that can reside in the incremental sync cache. If the total size of the configuration changes in the cache exceeds the specified value, the BIG-IP system performs a full sync whenever the next config sync operation occurs.
- For theNetwork Failoversetting, select or clear the check box:
- Select the check box if you want device group members to handle failover communications by way of network connectivity. This is the default value and is required for active-active configurations.
- Clear the check box if you want device group members to handle failover communications by way of serial cable (hard-wired) connectivity.
For active-active configurations, you must select network failover, as opposed to serial-cable (hard-wired) connectivity. - In theLink Down Time on Failoverfield, use the default value of0.0, or specify a new value.This setting specifies the amount of time, in seconds, that interfaces for any external VLANs are down when a traffic group fails over and goes to the standby state. Specifying a value other than0.0for this setting causes other vendor switches to use the specified time to learn the MAC address of the newly-active device.This setting is a system-wide setting, and does not apply to this device group only. Specifying a value in this field causes the BIG-IP system to assign this value to the global bigdb variablefailover.standby.linkdowntime.
- ClickFinished.
Syncing the BIG-IP configuration to the device group
Before you sync the configuration, verify that the devices targeted for config sync are members of a device group and that device trust is established.
This task synchronizes the BIG-IP configuration data from the local device to the devices in the device group. This synchronization ensures that devices in the device group operate properly. When synchronizing self IP addresses, the BIG-IP system synchronizes floating self IP addresses only.
You perform this task on either of the two
devices, but not both.
- On the Main tab, click.
- In the Device Groups area of the screen, click the arrow next to the name of the relevant device group.The screen expands to show a summary and details of the sync status of the selected device group, as well as a list of the individual devices within the device group.
- In the Devices area of the screen, choose the device that shows a sync status ofChanges Pending.
- In the Sync Options area of the screen, selectPush the selected device configuration to the group.
- ClickSync.The BIG-IP system syncs the configuration data of the selected device to the other members of the device group.
Specifying IP addresses for failover communication
You perform this task to specify the local IP addresses that you want other devices
in the device group to use for continuous health-assessment communication with the local
device. You must perform this task locally on each device in the device group.
The IP addresses that you specify must belong to route domain
0
.- Confirm that you are logged in to the device you want to configure.
- On the Main tab, click.This displays a list of device objects discovered by the local device.
- In the Name column, click the name of the device to which you are currently logged in.
- Near the top of the screen, clickFailover Network.
- ClickAdd.
- From theAddresslist, select an IP address.The unicast IP address you select depends on the type of device:PlatformActionAppliance without vCMPSelect a static self IP address associated with a VLAN on the internal network (preferably VLANHA) and the static management IP address or addresses currently assigned to the device. If the system is configured with both IPv4 and IPv6 management IP addresses, then by default, the system will use either of these addresses for failover communication if needed, for failover communication between devices.Appliance with vCMPSelect a static self IP address associated with a VLAN on the internal network (preferably VLANHA) and the unique management IP address currently assigned to the guest. If a guest is configured with both IPv4 and IPv6 cluster management IP addresses, then by default, the system will use either of these addresses for failover communication if needed, for failover communication between devices.VIPRION without vCMPSelect a static self IP address associated with a VLAN on the internal network (preferably VLANHA). If you choose to select unicast addresses only (and not a multicast address), you must also specify the existing per-slot static management IP address or addresses (IPv4, IPv6, or both) that you previously configured for each slot in the cluster. If you choose to select one or more unicast addresses and a multicast address, then you do not need to select the existing per-slot, static management IP addresses when configuring addresses for failover communication.VIPRION with vCMPOn the vCMP host, select a self IP address that is defined on the guest and associated with a VLAN on the internal network (preferably VLANHA). If you choose to select unicast failover addresses only (and not a multicast address), you must also select the existing per-slot virtual static management IP address or addresses (IPv4, IPv6, or both) that you previously configured for each slot in the guest's virtual cluster. If you choose to select one or more unicast addresses and a multicast address, you do not need to select the existing per-slot virtual static, management IP addresses when configuring addresses for failover communication.Failover addresses should always be static, not floating, IP addresses.
- From thePortlist, select a port number.We recommend using port1026for failover communication.
- To enable the use of a failover multicast address on a VIPRION platform (recommended), then for theUse Failover Multicast Addresssetting, select theEnabledcheck box.
- If you enabledUse Failover Multicast Address, either accept the defaultAddressandPortvalues, or specify values appropriate for the device.If you revise the defaultAddressandPortvalues, but then decide to revert to the default values, clickReset Defaults.
- ClickFinished.
After you perform this task, other devices in the device group can send failover
messages to the local device using the specified IP addresses.
Creating a second traffic group for the device group
This task creates a second active floating traffic group to process application
traffic. The default floating traffic group (traffic-group-1) processes application
traffic for the local device.
For this implementation, name this
traffic group
traffic-group-2
.- On the Main tab, click.
- On the Traffic Groups screen, clickCreate.
- Type the nametraffic-group-2for the new traffic group.
- In theHA Load Factorfield, specify a value that represents the application load for this traffic group relative to other active traffic groups on the local device.If you configure this setting, you must configure the setting on every traffic group in the device group.
- In theMAC Masquerade Addressfield, type a MAC masquerade address.When you specify a MAC masquerade address, you reduce the risk of dropped connections when failover occurs. This setting is optional.
- Select or clear the check boxAlways Failback to First Device if it is Available:
- Select the check box to cause the traffic group, after failover, to fail back to the first device in the traffic group's ordered list when that device (and only that device) is available. If that device is unavailable, no failback occurs and the traffic group continues to run on the current device.
- Clear the check box to cause the traffic group, after failover, to remain active on its current device until failover occurs again.
- For theFailover Ordersetting, in theLoad-Awarebox, select a device name and using the Move button, move the device name to thePreferred Orderbox. Repeat for each device that you want to include in the ordered list.This setting is optional. Only devices that are members of the relevant Sync-Failover device group are available for inclusion in the ordered list. If you have enabled the auto-failback feature on the traffic group, make sure that the first device in the ordered list is the device to which you want this traffic group to fail back to when that first device becomes available.If none of the devices in thePreferred Orderlist is currently available when failover occurs, the BIG-IP system uses load-aware failover instead.
- ClickFinished.
You now have a second floating traffic group on the local device (in addition to the
default floating traffic group) so that once the traffic group is activated on the
remote devices, devices in the device group can process traffic for different
applications.
Assigning
traffic-group-2 to a floating virtual IP address
This task assigns a floating traffic group to a
virtual IP address on a device.
- On the Main tab, click.The Virtual Address List screen opens.
- In the Name column, click the virtual address that you want to assign to the traffic group.This displays the properties of that virtual address.
- From theTraffic Grouplist, selecttraffic-group-2 (floating).
- ClickUpdate.
The device's floating virtual IP address is now a member of your second traffic group.
The virtual IP address can now fail over to other devices in the device group.
Assigning
traffic-group-2 to floating self IP addresses
This task assigns your floating self IP address to
traffic-group-2.
- On the Main tab, click.
- In the Name column, click the floating self IP address assigned to VLANinternal.This displays the properties of that self IP address.
- From theTraffic Grouplist, selecttraffic-group-2 (floating).
- ClickUpdate.
The device's floating self IP address is now a member of your second traffic group. The
self IP address can now fail over to other devices in the traffic group.
Syncing the BIG-IP configuration to the device group
Before you sync the configuration, verify that the devices targeted for config sync are members of a device group and that device trust is established.
This task synchronizes the BIG-IP configuration data from the local device to the devices in the device group. This synchronization ensures that devices in the device group operate properly. When synchronizing self IP addresses, the BIG-IP system synchronizes floating self IP addresses only.
You perform this task on either of the two
devices, but not both.
- On the Main tab, click.
- In the Device Groups area of the screen, click the arrow next to the name of the relevant device group.The screen expands to show a summary and details of the sync status of the selected device group, as well as a list of the individual devices within the device group.
- In the Devices area of the screen, choose the device that shows a sync status ofChanges Pending.
- In the Sync Options area of the screen, selectPush the selected device configuration to the group.
- ClickSync.The BIG-IP system syncs the configuration data of the selected device to the other members of the device group.
Forcing a traffic group to a standby state
You perform this task when you want the selected traffic group on the local device to fail over
to another device (that is, switch to a
Standby
state). Users
typically perform this task when no automated method is configured for a traffic
group, such as auto-failback or an HA group. By forcing the traffic group into a
Standby
state, the traffic group becomes active on another device
in the device group. For device groups with more than two members, you can choose
the specific device to which the traffic group fails over. - Log in to the device on which the traffic group is currently active.
- On the Main tab, click.
- In the Name column, locate the name of the traffic group that you want to run on the peer device.
- Select the check box to the left of the traffic group name.If the check box is unavailable, the traffic group is not active on the device to which you are currently logged in. Perform this task on the device on which the traffic group is active.
- ClickForce to Standby.This displays target device options.
- Choose one of these actions:
- If the device group has two members only, clickForce to Standby. This displays the list of traffic groups for the device group and causes the local device to appear in the Next Active Device column.
- If the device group has more than two members, then from theTarget Devicelist, select a value and clickForce to Standby.
The selected traffic group is now in a standby state on the local device and active
on another device in the device group.