For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

jparri2323's avatar
jparri2323
Icon for Nimbostratus rankNimbostratus
Nov 19, 2025
Solved

Big-IP LTM integration with Big-IP DNS in Azure

We are deploying Big-IPs to Azure. We are going with 3 NICs(mgmt/client/server) Big-IP LTM/APM nodes. They will integrate with existing Big-IP DNS nodes. What is the NIC to use for not only the initi...
application delivery
cloud
deployment
  • Jeff_Granieri's avatar
    Jeff_Granieri
    Nov 22, 2025

    Hi jparri2323​ ,

     

    With a 3-NIC deployment for your LTM/APM VE's in Azure its best to keep MGT-NIC for admin/control plane operations only.. Typical 443/22 access.  Protect with a MGT NSG and use a jump host/bastion host for access.  HA between Active-Standby LTM's should use the internal NIC.  iQuery  should also flow over the internal NIC if possible. If DNS is only reachable via external NIC then you can use that.  iQuery should use the data-plane NIC's when possible.  Hope this helps

jparri2323's avatar
jparri2323
Icon for Nimbostratus rankNimbostratus
Nov 22, 2025

I appreciate the response. Depending how we set it up, the Big-IP DNS devices(already built) can reach the client/external self-ips and also the internal/server self-ips on the new LTM/APM nodes. We can setup the access via firewall/NSGs. However, per your response, I will look to using the internal/server nic's for that specific communication between those devices. OR at least have that flow on the data plane as you mentioned. I appreciate the input.

LiefZimmerman's avatar
LiefZimmerman
Icon for Admin rankAdmin
Nov 25, 2025

Thanks for marking as solution jparri2323​ - really helps the community! Cheers.