santsboy_145140
Jul 19, 2014

F5 GTM and Wide IP

Hi,

We are thinking about deploying a GTM/LTM solution for our 2 active/active DCs with 1 GTM and 2 LTMs in each.

A DNS server will delegate to the GTM part of the global domain. And this is the configuration we are thinking to put:

-A record that defines the domain name and IP address of each GTM

gtm1.wip.example.com IN A 1.1.1.1
gtm2.wip.example.com IN A 2.2.2.2

-NS record that defines the delegated zone for which the GTMs will be responsible

wip.example.com IN NS gtm1.wip.example.com
wip.example.com IN NS gtm2.wip.example.com

-CNAME records to forward requests to the wide IPs (GTM IPs).

www.example.com IN CNAME www.wip.example.com

And here are the steps we think will happen:

1- The user requests www.example.com and the request goes to the DNS server that owns www.example.com

2- DNS server replies to the user saying, go to the CNAME, www.wip.example.com

3- The client will request www.wip.example.com that points to gtm1.wip.example.com and gtm2.wip.example.com

4- Once the GTM receives the request it will respond with the Wide IP

Our questions are:

1- Are 1.1.1.1 and 2.2.2.2 the Self IPs of the GTMs?

2- Will the GTM reply to the user request with the Wide IP or the VIP of the LTMs?

3- Will the user have the VIP of the LTM in any action?

4- In case the user only has the WIP, it means that all the traffic going to the user will go first to the LTM (through SNAT) and then to the GTM, and from the GTM to the user?

Thank you very much for the help.

Regards,

SANTSboy

5 Replies

  • 1- Are 1.1.1.1 and 2.2.2.2 the Self IPs of the GTMs?

    [Matt] Nope. 1.1.1.1 and 2.2.2.2 are the listeners on port 53.

    2- Will the GTM reply to the user request with the Wide IP or the VIP of the LTMs?

    [Matt] The wide IP is the hostname requested. GTM answers with the LTM's Virtual Servers (the VIPs). GTM answers with the translated public address if needed.

    3- Will the user have the VIP of the LTM in any action?

    [Matt] When GTM has answered with the right VIP, the user starts a connection to that VIP related to www.example.com.

    4- In case the user only has the WIP, it means that all the traffic going to the user will go first to the LTM (through SNAT) and then to the GTM, and from the GTM to the user?

    [Matt] The workflow: the user requests DNS type A for www.example.com. The DNS server (behind LTM or not) uses the CNAME to make the request to the GTM listener IP address (1.1.1.1 or 2.2.2.2). GTM checks in its configuration if a wide IP is equal to www.example.com. If yes, GTM answers the user with a type A record corresponding to the right LTM VIP (translated or not).
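
The resolution path described in this thread, as an added Python sketch that is not part of the original posts or F5's code: it checks the delegation records from the question (glue for every NS target, CNAME landing inside the delegated zone) and traces a lookup of www.example.com. The LTM VIPs (RFC 5737 documentation addresses), the wide IP name www.wip.example.com and the first-available pool selection are assumptions.

```python
# Constructed data: the record sets from the question, plus hypothetical
# LTM VIPs (RFC 5737 documentation addresses) that the thread does not give.
PARENT_ZONE = [  # held by the DNS server that owns example.com
    ("gtm1.wip.example.com", "A", "1.1.1.1"),
    ("gtm2.wip.example.com", "A", "2.2.2.2"),
    ("wip.example.com", "NS", "gtm1.wip.example.com"),
    ("wip.example.com", "NS", "gtm2.wip.example.com"),
    ("www.example.com", "CNAME", "www.wip.example.com"),
]
# Assumed wide IP -> pool of (LTM virtual server address, monitor says available).
WIDE_IPS = {"www.wip.example.com": [("192.0.2.10", True), ("198.51.100.10", True)]}

def lookup(name, rtype):
    return [v for n, t, v in PARENT_ZONE if n == name and t == rtype]

def delegation_for(name):
    """Closest delegated zone containing name, with its listener addresses."""
    labels = name.split(".")
    for i in range(len(labels)):
        zone = ".".join(labels[i:])
        ns_hosts = lookup(zone, "NS")
        if ns_hosts:
            return zone, [ip for host in ns_hosts for ip in lookup(host, "A")]
    return None, []

def check_delegation():
    """Every NS target needs a glue A record; every CNAME must land in a delegated zone."""
    problems = []
    for name, rtype, value in PARENT_ZONE:
        if rtype == "NS" and not lookup(value, "A"):
            problems.append(f"NS target {value} has no glue A record")
        if rtype == "CNAME" and delegation_for(value)[0] is None:
            problems.append(f"CNAME {name} -> {value} is outside any delegated zone")
    return problems

def gtm_answer(qname):
    """Simplified stand-in for GTM load balancing: first available VIP in the pool."""
    available = [ip for ip, up in WIDE_IPS.get(qname, []) if up]
    return available[0] if available else None

def resolve(qname):
    """Record each hop a recursive resolver takes for qname."""
    trace = []
    cname = lookup(qname, "CNAME")
    if cname:
        trace.append(("CNAME", qname, cname[0]))
        qname = cname[0]
    zone, listeners = delegation_for(qname)
    trace.append(("REFERRAL", zone, listeners))      # go ask a GTM listener
    trace.append(("A", qname, gtm_answer(qname)))    # listener returns an LTM VIP
    return trace
```

The final hop of the trace carries an LTM VIP, never a listener address, which is the address the client then connects to.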

     

    • claudio_elorza_
      Hi brother, I also need to configure GTM for a subdomain with a wide IP. Do you have a guide or steps? Is ZoneRunner necessary to create a subdomain in GTM?
  • Hi, I am new to GTM. Could you please let me know of a document which I can refer to for understanding it? Thanks

     

    • dryk_00

      Hello,

      Is it possible to load balance on GTM one FQDN that is configured for two different services? Example: two DCs, A and B. In each DC two VIPs, A: 10.10.10.10:8443 and 8080, DC B: 10.10.11.10:8443 and 8080. One FQDN for both VIPs ex. . Is this possible?