Bigip with each host having two nics on public and private via inter switch shared vlan. Should not cause issue so long as you know service comes via bigip to debug usage of kit via private ip side
Sent from my iPod > On 1 Jul 2021, at 19:04, Douglas Fischer <fischerdoug...@gmail.com> wrote: > > > I'm looking for solutions do deploy some type of selective high availability > and load balance based on the glue between Layer 2 and Layer 3 (ARP or ND). > > And I'm coming here to ask help to avoid reinventing the wheel. > > I know VRRP / Heartbeat, and their downside is the Active/Passive > characteristic. > -> But this project demands something that allows-me to have Active/Active > deployments. > I know GLBP, and it almost fits on the needed requirements. > -> Except by his load-balancing methods that do not allow-me define priority > and affinity between server nodes and clients. > > The basic ideia is something like Cisco GLBP with steroids: > - Multiple server nodes of same service running on a common bus and > answering the "L2 anycast requests" of the clients that are on the same bus > and same subnet. > - Some type of signaling between the multiple nodes making known the status > of the other nodes, their load. Maybe complementary information like "which > node is serving which client?" > - Resource Pools and Client Pools, and the crossing between then based on > priorities and affinities (Here is the Gotcha!). > - I want to be able to say "Node X will priorly serve clients A, E, G, > and T. Node Y will serve priorly clients B, C D, F. And node Z will server > everyone else." > > Answering suggestions in advance: > (I discussed that with some friends and based on those talks I will try to > predict some suggestions that we already considered.) > - No, unfortunately tradicional L3 anycast will not fit on the requirements. > Servers and clients to be at the same bus, on the same subnet. No L3 hops > between then. > - No, the use of some type of connection broker in L2 does not satisfy one of > the requirements. Beyond the load balance, that this approach will address, > the high availability in case on L2 segregation is also needed. > > > My v0 draft of idea was using GLBP, and L2 Firewall rules dynamically > adjusted, based on the Master-Status, to allow and block L2 communications > between each of those nodes and lists of client pools. > (Actually, I'm coming back to this idea again... Since I still don't have any > other better idea until now.) > > I friend Suggested that EVPN could help-me, but I must confess that is a hard > topic to me. > Unless it can be used depending exclusively on software (no special hardware > required), it won't fit. > > -- > Douglas Fernando Fischer > Engº de Controle e Automação
