Forum Discussion

HW_36020
Dec 13, 2011

GTM configuration

I am trying to configure my two GTMs, one at each data centre, for a subdomain of our parent domain hosted by a domain hosting company and would like to clarify a few things so that I know I am on the right track without breaking our parent domain and can control DNS failover for the assigned subdomain:

If our domain name is hypothetically domainaus.com.au:

1. I am going to create a subdomain in our 3rd party DNS as gtm1.domainaus.com.au with the public IP address of the gtm1 appliance and gtm2.domainaus.com.au with the public IP of the gtm2 appliance.

2. Create alias records in 3rd party DNS for sub.domainaus.com.au and refer it to sub.gtm1.domainaus.com.au and another sub.domainaus.com.au and refer it to sub.gtm2.domainaus.com.au

3. I have data centres created in both gtm1 and gtm2 appliances

4. I have gtm1 with listener and gtm2 with listener (both NAT'ed addresses and using internal IP)

5. I have gtm1 and gtm2 defined in gtm1 and gtm1 and gtm2 defined in gtm2 with iQuery running between all F5 devices and certs set to 10 years.

6. I have a pool with LTM servers as members and BigIP monitoring

7. I have an additional pool with standalone servers as members and monitoring

8. I will then define a few wide IPs as sftp.sub.domainaus.com.au, search.sub.domainaus.com.au and use relevant pools for each of these wide IPs

How do I get the wide IP on each gtm1 and gtm2 to respond with the correct public IP address (resolve) for each service (sftp and search)? Do I need to enter pointer records and A records in Zone Runner using BIND on each gtm?

OR

Do I need to have a correct outbound SNAT to return a public IP address coming from the pool member that is available on each gtm?

Any assistance with this would be greatly appreciated as I am trying to understand how to configure this and how wide IPs resolve with a public IP address to DNS requests.

 

  • OK, worked it out for the public addresses. So steps 6, 7 & 8 should be as follows:

    6 - create server with public address (this is the address GTM should resolve in the DNS query). Add a virtual server and load balancing method to server.

    7 - create a pool that adds the server in step 6 as a member.

    8 - create wide IP of FQDN, such as sftp.sub.domainaus.com.au, and use pool in step 7.

    What I have found is that my monitors are not getting a positive response back from the servers in step 6. I have set my load balance as Global Availability and no alternate or fallback to get the DNS query against GTM to still have the correct response. Working on my monitors, but what are the best ones to use when the backend LTM virtual server is listening on a public address and not a NAT address?
  • Unless you're on an older version in 9.x, the GTM should honor the servers and virtual server as configured. If the LTM virtual server is listening on a real address, it should be configured that way in GTM so the correct address is polled.
  • I'm a little concerned by 1 & 2. Almost sounds like you're providing resolution of the actual VIP from your 3rd party DNS.

    Let's say your domain is .domainaus.com.au. If you would like to provide intelligent resolution from the GTMs for hosts with the name X.domainaus.com.au, you would delegate a subdomain to the GTMs and create aliases to those records.

    For example, let’s say you wanted users to type www.domainaus.com.au, but have the GTM provide intelligent resolution. You would make both GTMs authoritative for the subdomain, gtm.domainaus.com.au. Let’s say your WIP is www.gtm.domainaus.com.au. Your alias would be www.domainaus.com.au with its object www.gtm.domainaus.com.au.

    The important part is to provide the delegation to the GTMs... so when a client looks up anything on that subdomain it can ask either GTM for the answer.

    Hope that helps.
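
The delegation and alias described in the last reply, written out as a parent-zone fragment. This is an added example, not part of the original thread or any poster's configuration; the two addresses are constructed placeholders from the documentation ranges, and the combination of the gtm1/gtm2 host names from the question with the gtm.domainaus.com.au subdomain from the reply is an assumption.

```dns
; Parent zone domainaus.com.au, held at the third-party DNS host.
; Constructed fragment: 192.0.2.10 and 198.51.100.10 are placeholders
; standing in for the public (NAT'ed) listener addresses of gtm1 and gtm2.

; Address records for the two GTM listeners
gtm1.domainaus.com.au.    IN  A      192.0.2.10
gtm2.domainaus.com.au.    IN  A      198.51.100.10

; Delegation: both GTMs are authoritative for the subdomain,
; so a resolver can ask either one for any name beneath it
gtm.domainaus.com.au.     IN  NS     gtm1.domainaus.com.au.
gtm.domainaus.com.au.     IN  NS     gtm2.domainaus.com.au.

; Alias: the name users type points at the wide IP
; that lives inside the delegated subdomain
www.domainaus.com.au.     IN  CNAME  www.gtm.domainaus.com.au.
```

With this in place the third-party DNS never returns the service address itself; it only hands resolvers the CNAME and the NS referral, and the A record for www.gtm.domainaus.com.au comes from whichever GTM is asked.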