For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

nomykhan_67907's avatar
nomykhan_67907
Icon for Nimbostratus rankNimbostratus
Oct 11, 2011

F5 GTM Appliance

Hi,

 

 

I am new to F5 and willing to understand the F5 GTM design.We have 2 Data centers connected over fiber. We need to operate them in Active/Active. What i understand from the F5 website is that u place a GTM appliance in each of the data center. The appliance has a virtual IP with the pool of real IPs that it distributes traffic to based on selected algorithm.

 

 

Now how it works? My user on the internet tries to access www.xyz.com, the DNS server of my ISP directs it to the GTM ( which GTM - Datacenter1 or 2?) and the GTM appliance forwards the traffic to best server.

 

 

is my understanding correct?

 

 

Now my questions

 

how does the 2 GTM appliances communicate for a failure?

 

How does the ISP direct traffic to the GTM? via DNS? How does is select it should go to primary site or secondary?

 

What happens when DC 1 fails - there is a disaster - how does the ISP send the request to DC2?

 

What if i have links from 2 different ISPs and i have my own AS? is the GTM IP need to be registered to both ISP DNSs?

 

 

I think i am pretty confused in the DNS functionality.

 

 

I would highly appreciate if you help me understand.

 

 

 

Nouman

 

 

 

 

config
design

1 Reply

  • George_Watkins_'s avatar
    George_Watkins_
    Historic F5 Account
    Oct 11, 2011
    Hi Nouman,

     

     

    1. GTM uses iQuery for intercommunication between GTM devices in the same sync group. This allows for communication about the health of other GTMs as well as configuration syncing. GTM uses what is known as a WideIP to direct traffic between datacenters. Anytime a record is served from a WideIP it is given a TTL of 30 seconds therefore it should only be cached for a maximum of 30 seconds. If that datacenter or standalone GTM were to fail, other GTMs will stop directing traffic to that WideIP/datacenter. Some users may see up to 30 seconds of failure before retrieving a new viable A record.

     

     

    2. In order to direct traffic to your GTMs in various datacenters you'll want to create NS records for the various listeners on your GTMs. DNS is redundant by default in that if it cannot contact the first nameserver it attempts to query, it will automatically move on after a short delay. Therefore the ISP doesn't "select" which GTM, the client arbitrarily round robins the NS records.

     

     

    3. See questions 1 and 2.

     

     

    4. Connect an interface to each IP space and create a listener and NS record for both addresses.

     

     

    GTM can seem a bit daunting at first, but once you get rolling it gets a lot easier. Soon enough you'll wonder how you ever lived without it. Feel free to post any other questions and I'll do my best to answer them. Hope this helps,

     

     

    -George