Topic
  • 5 replies
  • Latest Post - ‏2013-06-21T08:42:41Z by nepomuk
nepomuk
nepomuk
151 Posts

Pinned topic Self Balancing config

‏2013-06-11T15:57:37Z |

I've been asked to look at using self balancing DP devices as a way of removing the F5 load balancers which currently sit in front of them. However, the current config will typically have an F5 in front of 2 XI50's, each XI50 will have 2 interfaces, all interfaces on the same VLAN, F5 uses one VIP to spray across the 4 interfaces.

From what I've read this config can't be replicated with self balancing as only one interface per device can be in the same standby group. Is there no way of using multiple interfaces per device?

Why do we need 11 interfaces on a device anyway? The most I've seen anyone use is 3.

  • tjsmith
    tjsmith
    6 Posts
    ACCEPTED ANSWER

    Re: Self Balancing config

    ‏2013-06-17T20:37:06Z  
    • nepomuk
    • ‏2013-06-17T17:02:46Z

    The current network config uses multiple interfaces for resiliency (HA) not bandwidth, is it likely that a physical device interface could fail? apart from the obvious case of a cable becoming detached. Are you saying that this is not necessary, I'd like to convince them that this is the case.  As fas as I can see if we want to use SB and dispense with the F5's then the network people must be happy to use only one interface per device. If they insist on 2 then we could create 2 standy groups, but then there are 2 VIPs so we need something to spray across the 2 VIPs :(

    Your points are well taken.  It is true that with an extra interface, there would be some additional protection from failure of logic associated with a given physical interface and the cabling.  But this as compared to the logic for the entire appliance and the firmware is very small.  Whether they are comfortable with that additional risk will be up to their risk profile.

    I can tell you that we have some customers with very large tiers (10+ appliances on the same Standby Control group) each with a single interface while running with self balancing.

    By the way, a best practice is to have one interface receive traffic on the inbound side that is being self balanced while having a separate interface for the backend servers.  This keeps the front side and back side from competing with each other for bandwidth.

    You are correct that if you have 2 interfaces on each appliance, attached to 2 different SB groups, you would have 2 different VIPs.  And, you would need an external sprayer which you are trying to avoid.

    Best Regards,

    TJS.

  • JoeMorganNTST
    JoeMorganNTST
    427 Posts

    Re: Self Balancing config

    ‏2013-06-13T16:17:40Z  

    Is there no way of using multiple interfaces per device?

    Can't you just create another standby group?

     

    Why do we need 11 interfaces on a device anyway?

    Maybe you want to segment by interface (not just IP) certain services.  We organize our services into domains, and each domain uses it's own interface.  For me, just helps to keep things sane, even though it isn't required.

     

     

  • tjsmith
    tjsmith
    6 Posts

    Re: Self Balancing config

    ‏2013-06-14T17:42:45Z  

    We do not currently support more than one physical interfaces per appliance on the same standby control group.

    If you are wanting to use multiple interfaces for additional bandwidth, I would recommend using 10G interfaces.

    If you are wanting to use multiple interfaces for HA,  the single physical interface per box should be sufficient.  If two were added to a standby control group, you could actually have slower recovery if an appliance went down as it is very possible that the standby interface would be on the same box.   If the appliance with the primary interface went down, and the standby was the second interface on the same box, the other physical appliance would have to recognize that the standby was also broken before taking over.

    Best Regards,

    TJS

  • nepomuk
    nepomuk
    151 Posts

    Re: Self Balancing config

    ‏2013-06-17T17:02:46Z  
    • tjsmith
    • ‏2013-06-14T17:42:45Z

    We do not currently support more than one physical interfaces per appliance on the same standby control group.

    If you are wanting to use multiple interfaces for additional bandwidth, I would recommend using 10G interfaces.

    If you are wanting to use multiple interfaces for HA,  the single physical interface per box should be sufficient.  If two were added to a standby control group, you could actually have slower recovery if an appliance went down as it is very possible that the standby interface would be on the same box.   If the appliance with the primary interface went down, and the standby was the second interface on the same box, the other physical appliance would have to recognize that the standby was also broken before taking over.

    Best Regards,

    TJS

    The current network config uses multiple interfaces for resiliency (HA) not bandwidth, is it likely that a physical device interface could fail? apart from the obvious case of a cable becoming detached. Are you saying that this is not necessary, I'd like to convince them that this is the case.  As fas as I can see if we want to use SB and dispense with the F5's then the network people must be happy to use only one interface per device. If they insist on 2 then we could create 2 standy groups, but then there are 2 VIPs so we need something to spray across the 2 VIPs :(

  • tjsmith
    tjsmith
    6 Posts

    Re: Self Balancing config

    ‏2013-06-17T20:37:06Z  
    • nepomuk
    • ‏2013-06-17T17:02:46Z

    The current network config uses multiple interfaces for resiliency (HA) not bandwidth, is it likely that a physical device interface could fail? apart from the obvious case of a cable becoming detached. Are you saying that this is not necessary, I'd like to convince them that this is the case.  As fas as I can see if we want to use SB and dispense with the F5's then the network people must be happy to use only one interface per device. If they insist on 2 then we could create 2 standy groups, but then there are 2 VIPs so we need something to spray across the 2 VIPs :(

    Your points are well taken.  It is true that with an extra interface, there would be some additional protection from failure of logic associated with a given physical interface and the cabling.  But this as compared to the logic for the entire appliance and the firmware is very small.  Whether they are comfortable with that additional risk will be up to their risk profile.

    I can tell you that we have some customers with very large tiers (10+ appliances on the same Standby Control group) each with a single interface while running with self balancing.

    By the way, a best practice is to have one interface receive traffic on the inbound side that is being self balanced while having a separate interface for the backend servers.  This keeps the front side and back side from competing with each other for bandwidth.

    You are correct that if you have 2 interfaces on each appliance, attached to 2 different SB groups, you would have 2 different VIPs.  And, you would need an external sprayer which you are trying to avoid.

    Best Regards,

    TJS.

  • nepomuk
    nepomuk
    151 Posts

    Re: Self Balancing config

    ‏2013-06-21T08:42:41Z  
    • tjsmith
    • ‏2013-06-17T20:37:06Z

    Your points are well taken.  It is true that with an extra interface, there would be some additional protection from failure of logic associated with a given physical interface and the cabling.  But this as compared to the logic for the entire appliance and the firmware is very small.  Whether they are comfortable with that additional risk will be up to their risk profile.

    I can tell you that we have some customers with very large tiers (10+ appliances on the same Standby Control group) each with a single interface while running with self balancing.

    By the way, a best practice is to have one interface receive traffic on the inbound side that is being self balanced while having a separate interface for the backend servers.  This keeps the front side and back side from competing with each other for bandwidth.

    You are correct that if you have 2 interfaces on each appliance, attached to 2 different SB groups, you would have 2 different VIPs.  And, you would need an external sprayer which you are trying to avoid.

    Best Regards,

    TJS.

    Thanks for the comprehensive answer. I'm currently doing some demos with several virtual XI52's running on VMWare. Hopefully I can come up with a configuration which will enable us to remove some of the F5's.