Course Hero Logo

Understanding how device groups and traffic groups

Course Hero uses AI to attempt to automatically extract content from documents to surface to you and others so you can study better, e.g., in search results, to enrich docs, and more. This preview shows page 121 - 123 out of 230 pages.

Understanding how device groups and traffic groups behave is the key to this topic.Experience with failing over HA systems will give the candidate the ability to answer thequestions on this topic.F5 introduced the Device Service Clustering (DSC) architecture in BIG-IP 11.x. DSCprovides the framework for ConfigSync, and other high-availability features, includingthe following components:Device trust and trust domainsDevice trust establishes trust relationships between BIG-IP devices through certificate-based authentication. Each device generates a device ID key and Secure Socket Layer(SSL) certificate upon upgrade or installation. A trust domain is a collection of BIG-IPdevices that trust each other, and can synchronize and fail over their BIG-IPconfiguration data, as well as regularly exchange status and failover messages.When the local BIG-IP device attempts to join a device trust with a remote BIG-IP device,the following applies:If the local BIG-IP device is added as a peer authority device, the remote BIG-IP devicepresents a certificate signing request (CSR) to the local device, which then signs the CSRand returns the certificate along with its CA certificate and key.If the local BIG-IP device is added as a subordinate (non-authority) device, the remoteBIG-IP device presents a CSR to the local device, which then signs the CSR and returns
121F5 301a - LTM Specialist: Architect, Setup & Deploy - Study Guidethe certificate.The CA certificate and key are not presented to the remote BIG-IPdevice.The subordinate device is unable to request other devices to join the devicetrust.Device groupsA device group is a collection of BIG-IP devices that reside in the same trust domain andare configured to securely synchronize their BIG-IP configuration and failover whenneeded.Device groups can initiate a ConfigSync operation from the device groupmember with the desired configuration change.You can create two types of devicegroups:A Sync-Failover device group contains devices that synchronize configuration data andsupport traffic groups for failover purposes.A Sync-Only device group contains devices that synchronize configuration data, but donot synchronize failover objects and do not fail over to other members of the devicegroup.Traffic groupsA traffic group represents a collection of related configuration objects that areconfigured on a BIG-IP device.When a BIG-IP device becomes unavailable, a trafficgroup can float to another device in a device group.FoldersA folder is a container for BIG-IP configuration objects.You can use folders to set upsynchronization and failover of configuration data in a device group.You can sync allconfiguration data on a BIG-IP device, or you can sync and fail over objects within aspecific folder only.

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 230 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Fall
Professor
Laur
Tags

Newly uploaded documents

Show More

Newly uploaded documents

Show More

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture