About 1 month ago, the company I am working for purchased
some F5 BIGIP HA+ load balancers. These are 4U high
rackmount units. Essentially, they are just PC's with
two ethernet cards running a modified variant of BSD unix.
The only unique part is the one special card, a watchdog board.
Here is the version I'm using:
F5 Networks, Inc. BIG/ip Version 3.0Build48
Domestic HA Edition
Why use one of these over something like a Cisco Local Director,
or an Alteon, or something else? In a nutshell, because they
really work. The network vendors out there are quick to point
out how their devices are 'in silicon' etc. However, most
of them use the supervisor or management processor to handle
filtering, load-balance host selection, etc. So you really
aren't getting that. People don't notice
Other problems with non-F5 loadbalancers is the whole 'are
we a switch or a router' problem. Other load balancers cannot
effectively be a firewall or a NAT. They generally do their
task only when packets match a profile, and then let
packets that don't match through. This is dangerous, and I've
been burned by this in the past.
Since I bought these used, I didn't get the latest software
or support from F5. So, here are some notes for others to
use in case they are in the same situation.
My biggest problem when starting up was getting the high-availability
working and resetting the configuration that was in the product.
Since we bought these off of eBay, we had to figure out how to
start fresh. I found another web page talking about F5's, but
it recommended the wrong commands. For these units, the command
. It will allow you to reset all of the
configuration settings in the bigdb.
Once I got the devices working, I couldn't get the failover to
work. Both of the units would stay in an ACTIVE state, which
is wrong. At first I thought it was the cable, but that
wasn't the problem. It turns out that when the devices are
in stateful-mirror failover mode, they couldn't communicate
with each other. I turned this off and then things worked. This
must have been a bug in their software.
- The BigIp failover cable is just a null-modem serial
cable. Don't let anybody charge you a lot of money for one of these. When
I looked at the ports, I didn't detect hardware flow control either.
- Can't see certain things in the Web UI? The problem is
be a problem when you are trying to use Mozilla to configure the device.