Architecture Design question regarding GTM's

Question

Alright, so here's the deal:  Customer is going to VPN data to us, we have apps that are going to work some magic on the insidand then spit what the customer wants back out to them.  We're going for georedundancy, so we have GTM's sitting in boxes at 2 datacenters.  We're going to utilize LTM's on the inside for the apps, which have 2 components - the servers that run the app itself, and the servers that host the databases this app will be querying in order to work its magic.  The GTM's are greek to me, the LTM's only slightly less so.  Just need to know if I'm on the right path from a design perspective.&nbsp;
&nbsp;So, the design path I've got in my head here is Customer site (VPN initiation) &gt; cloud &gt; our edge router &gt; our firewall &gt; which then branches off to the GTM that syncs up with our other datacenter &gt; &amp; firewall further branches to our core switch &gt; which contains our active/standby LTM's, which will be handling load balancing the incoming data to our app servers in one pool and also load balancing the queries from the app servers to our database servers in another pool, all of which are also physically connected to the core switch.  And then of course, the same setup at our other datacenter, which will sync data so as to provide the necessary redundancy.&nbsp;
&nbsp;Do I have the right vision in my head, or am I misunderstanding where the placement of the GTM needs to be and whether or with regards to the usage of the LTM's?  It just "feels" like I'm missing a component here.&nbsp;

michael_yates · Answer

Hi Quintious, 
&nbsp;  
&nbsp; The simplest way to think of the GTM is as a DNS Server (because in essence that is exactly what it is), but it has more intelligence. 
&nbsp;  
&nbsp; There are several different ways to set them up (Delegate an entire DNS Zone to them - domain.com or delegate a sub-domain - application.domain.com).  Either way, the request hits the GTM and it will then make an "intelligent" decision on what response it wants to give the client. 
&nbsp;  
&nbsp; You can use Geo-Location to determine which Data Center is closer and send the client there, or you can do the more traditional Active / Standby.  Either way, the response to the client is the IP Address of the LTM Virtual Server that you want the client to go to (just like DNS). 
&nbsp;  
&nbsp; The GTM's are also not limited to just doing this for LTM's.  They can do this for all types of devices. 
&nbsp;  
&nbsp; I would recommend reading the following: 
&nbsp; Overview of the Global Traffic Manager 
&nbsp; Overview of BIG-IP GTM Topology records 
&nbsp;  
&nbsp; Hope this helps.

mark40_58016 · Answer

Thank you 
&nbsp;  
&nbsp; Good post 
&nbsp;  
&nbsp; I like your post. 
&nbsp;  
&nbsp; Thats good....

Forum Discussion

Architecture Design question regarding GTM's

Recent Discussions

Can you set Kerberos AAA server via session variable?

HTML Code injection Not detected by ASM

What will be happen to live and existing connections when failover HA BIG IP active-standby

SSL Offload and remove FQDN

High CPU utilization (100%).

Related Content

F5 Distributed Cloud Customer Edge on F5 rSeries – Reference Architecture

Question & Answer: Regarding CVE-2020-5902

Question regarding the F5 vulnerabilities page API

Mastering API Architectures Ebook from NGINX

Kubernetes architecture options with F5 Distributed Cloud Services

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS