Forum Discussion

Giorgi_Gujabidz's avatar
Giorgi_Gujabidz
Icon for Cirrus rankCirrus
Nov 09, 2020

Are NTP and DNS traffic management type or not?

Hello everyone,   I'm system engineer in integrator company and currently I have one PoC of AWAF project with a customer. I have little experience of working with f5 devices, so I have one questi...
application delivery
BIG-IP
dns
ntp
route
tmm
TMOS
Giorgi_Gujabidz's avatar
Giorgi_Gujabidz
Icon for Cirrus rankCirrus

Hi Pete,

 

First of all, thanks for your reply and explanation. You confirmed my thoughts that NTP, DNS and services like that are are part of control plate, not the data plane, so related traffic should go via management interface, not via TMM switch ports.

 

I already had configured default routes for both TMM and Management interfaces. As I said NTP and DNS servers are located in other subnets, so to get packages there, f5 needs routing. So for example NTP server's IP hits default route 0.0.0.0 as there is no distinct route there and there are no direct path, but f5 chooses TMM default route. I guess it is because of route metric (as management metric has higher metric). I just don't understand why it is designed like that? I think it will be more logical, if programmatically control plane traffic will always choose management default route.

 

So, if I understand you correctly, you suggest me to create additional static routes via management interfaces, is that correct? I wonder what is the best practice from the Vendor's point of view? As static routes are considered as a poor design by Network Engineers, as it complicates troubleshooting.

Giorgi_Gujabidz's avatar
Giorgi_Gujabidz
Icon for Cirrus rankCirrus
Nov 15, 2020

Hi boneyard,

 

Thanks for your reply. Not that I really need to do it via management interface, I just wanted to clarify which services use management interface by default and which not. I thought that if particular traffic is defined as management traffic, that should flow via management interface by default, but now I understand that this is not the case. I realized that the only traffic that flows via management interface is only management traffic itself (WebConsole and SSH). All other traffic, is that data or management type, looks at route table first and wins first (of course direct path), then most specific route and the last, default routes with the least metric. So I asked customer to open flows from TMM interfaces for DNS and NTP traffic.