If all Virtual Servers will share a single IP address, they can use the external Self IP.

If there are multiple IP addresses required, these should be configured as secondary IP addresses for

Active/Active deployment can be done by pinning traffic-group-1 to the primary instance and traffic-group-2 to the secondary.  Then

  1. While t2.medium instances are fine for the 25 or even 200 Mbps versions, those instances are limited to 3 network interfaces.  Work-around: configure HA communication via the “internal” interface.
  2. Failover requires the F5 to make an API call in to AWS so that the secondary IPs shift between instances.  This is done via an IAM account, so don’t skip that step.
  3. Since failover involves detection, an API call, and probably some AWS backend magic, expect traffic flips to take around 20 seconds.


Aug 14 11:18:40 ip-10-132-126-120 err logger: /usr/libexec/aws/aws-failover-tgactive.sh (traffic-group-2): Unable to connect to host: ‘https://ec2.us-west-2.amazonaws.com’ Connection to https://ec2.us-west-2.amazonaws.com refused
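
One way to spot this failure in collected syslog, as an added example (not code from the original page or from F5): it parses the `aws-failover-tgactive.sh` error line shown above and groups failed API connections by traffic group, since a failed call means the secondary IPs did not shift. The function names and the two extra sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Matches the failover script's error line in the form shown on this page.
# The quote around the URL may be curly or straight depending on how the
# log was copied, so both are accepted.
FAILOVER_ERR = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\s+err\s+logger:\s+"
    r"(?P<script>/usr/libexec/aws/\S+)\s+\((?P<tg>[^)]+)\):\s+"
    r"Unable to connect to host:\s+[‘'\"](?P<endpoint>https?://[^’'\"\s]+)"
)


def parse_failover_errors(lines):
    """Return one dict per failed AWS API connection logged by the failover script."""
    hits = []
    for line in lines:
        m = FAILOVER_ERR.match(line.strip())
        if m:
            hits.append(m.groupdict())
    return hits


def summarize(lines):
    """Group failures by traffic group: count, endpoints tried, last timestamp."""
    summary = defaultdict(lambda: {"count": 0, "endpoints": set(), "last_seen": None})
    for hit in parse_failover_errors(lines):
        entry = summary[hit["tg"]]
        entry["count"] += 1
        entry["endpoints"].add(hit["endpoint"])
        entry["last_seen"] = hit["ts"]  # input is assumed to be in log order
    return dict(summary)


SAMPLE = [
    # Line taken from the page.
    "Aug 14 11:18:40 ip-10-132-126-120 err logger: /usr/libexec/aws/aws-failover-tgactive.sh (traffic-group-2): Unable to connect to host: ‘https://ec2.us-west-2.amazonaws.com’ Connection to https://ec2.us-west-2.amazonaws.com refused",
    # Constructed: an unrelated line that must be ignored.
    "Aug 14 11:18:41 ip-10-132-126-120 notice logger: constructed unrelated line",
    # Constructed: a repeat of the same failure, copied with straight quotes.
    "Aug 14 11:19:05 ip-10-132-126-120 err logger: /usr/libexec/aws/aws-failover-tgactive.sh (traffic-group-2): Unable to connect to host: 'https://ec2.us-west-2.amazonaws.com' Connection to https://ec2.us-west-2.amazonaws.com refused",
]

if __name__ == "__main__":
    for tg, info in summarize(SAMPLE).items():
        print(f"{tg}: {info['count']} failed API connection(s), "
              f"last at {info['last_seen']}, endpoint(s): {sorted(info['endpoints'])}")
```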