Forum Discussion
CirrusBIG-IP DNS Routing features
Hi all
i plan to integrate BIG-IP DNS , i want to connect the ISP connection directly it , in the back end i will install LTM + ASM behind a firewall
is it clear that i can configure public IPs on the DNS as listners but whene the process of name resolution is done, the client will send a HTTP GET to obtain the page, the problem is how to send the client request to the web servers located behiend the LTM ?
i used to do that on LC by creating VS listening on port 80 and forward that traffic to the back-end, but in the BIG-IP DNS i am unable to create VS from the web management interface
i am able to do it from the tmsh and it working good (version 13.1)
the question is ther a better way to send the HTTP traffic to the back-end without Virtual server (using routing or somthing else) because i am afraid that the configuration from the TMSH desapear from the future version
i am planing to have the DNSSEC, Routing, GSLB, DNS Services licences
best regards
Lee_SutcliffeNacreous
Hi, as mentioned in the other thread - no need to put F5 DNS inline It can sit in a DMZ with a public IP address as a listener then when the IP is resolved it is routed out of band towards the LTM on your internal network
E.g.
1) Client DNS Query -> Your edge firewall -> F5 GTM in DMZ 2) Client HTTP Request -> Your edge firewall (NAT) -> LTM on internal network
Do you have restrictions preventing you having F5 DNS out of band?