VIP (Validation ID Protection)

I am at a customer that would like to make their VIP installation as redundant as possible, utilizing their F5 BIG-IP load balancers. From the documentation, what I can tell is there is two components that can be load balanced,

1. Self Service Portal

2. Enterprise Gateway

The Self Service Portal makes enough sense, as it is exposed to the Internet, basically we will make a virtual IP for the multiple Self Service Portals and expose that virtual IP address  to the Internet via NAT.

What I dont understand is how to Load Balance the Enterprise Gateway. This is not exposed to the Internet and seems to make outbound connections to Symantec (more like say Logmein on a PC). Putting a load balancer in front of two enterprise gateways seems like it would not help in any way, as there is nothing making a connection the Enterprise Gateway. Am I correct in this, or is there something I am overlooking. The guide on page 82 describes load balancing but jsut talks about offsetting LDAP synchronization schedules, which I understand that portion but nothing about how to load balance. Any comments or suggestions would be greatly appreciated.

We have pretty much the same setup as we have Enterprise Gateways all around the world. We also have SSP's all over the world. We have only load balanced the SSP's at the F5 level. In order to load balance the Enterprise Gateways we did internal load balancing for the SSP's to look at the Enterprise Gateways.

Hi Dave,

Load Balancing VIP EG is really for the inbound services to it.

So, SSP and any RADIUS servers set up on it. Load balancing the SSP is most common and you've already done this.

Most of the time you don't need worry about load balancing the RADIUS servers, as generally most RADIUS clients allow you to specify a set of RADIUS servers in a priority list. If you do want to load balance these servers, simply ensure your load balancer understands UDP and RADIUS and configure it as you would any other virtual IP load balanced service.

Cheers, Nick