Hey Everyone,
A10 Thunder ADC HA (I think it is VRRPa) vs aVCS vs for private cloud openstack multi tenant environment with mirroring and etc? aVCS maybe could work with multizone (2 devices in AZ1 , 2 in AZ2 and 2 in AZ3 with mirroring between them) ?
IF you are looking for a solution that can span multiple Access Zones in a Cloud and provide Failover support, you might want to look at using Global Service Load Balancing (GSLB) feature of A10 Thunder. This will provide a way to direct traffic to multiple AZs and around any defined nodes that may be in a down AZ. You may want to talk to your A10 Sales Team about this, as there are too many options to detail here about how you can solve this.
Why can’t aVCS be used for asymmetric routing where traffic enters zone a but the return traffic is from Zone B? Does aVCS handle asymmetric routing as I know it handles session sync?
This is why I asked about this as GSLB for each customer only single zone will be selected by the DNS resolution.
Stateful protocols must traverse the same load balancer for ingress / egress traffic flows. We cannot process a flow on another device in the cluster (as of today). Session sync is used for failover activities. There are some corner cases, such as Direct Server Return, which will not traverse the load balancer in a symmetric fashion.
Think of aVCS strictly as a management overlay for single pane of glass configuration of cluster and continuous config syncrhonization. It has no bearing on data plane traffic processing.
Data plane traffic redundancy is handled by VRRP-A.