f5-applebaum
commented
2 years ago CFE does not perform any health checks on its own. It simply triggers off the Active/Standby status of BIG-IP. By default, that is simply determined only by heartbeat connectivity (i.e. Can I can hear my peer, no, I assume he is down, I will take over). Other BIG-IP features like HA groups can provide additional advanced logic to controlling Active/Standby status itself (i.e. various impaired states vs. simple instance up/down: for example, using gateway pools to monitors when certain destinations are unreachable, trunk health, etc.)
See: https://support.f5.com/csp/article/K15367 https://support.f5.com/csp/article/K16947
For degraded states or traffic directionality aware failover, you might be able to explore gateway pools?
shyawnkarim
Do you already have an issue opened with F5 support?
no
Description
For AWS Cross AZ deployment, we need make sure the following failures F5 can monitor and fail-over to another AZ.
I think the current failover solution already cover 3-4 requests. However, if the original client requests just from a direct connection. It would be great if CFE can check one of the IP's availability on another side of the DX connection to ensure when DX to AZ network fails, system can successfully fail-over to another F5/AZ. Also if AZ1 to AZ2 fails, but DX to both AZs are not impacted, then the fail-over shouldn't be triggered.
Environment information
For bugs, enter the following information:
Severity Level
As this could impact a big number of clients, especially for existing F5 sales opportunities. AWS as F5's partner, I would suggest we can provide a solution ASAP for fulfill the client's project requirement.
Severity: <2>