Forum Discussion
Ireda
Cirrostratus
CirrostratusGTM Design | LTM+ ASM+GTM on same VM
Dears, I am planning to publish the same service through two sites by LTM and ASM. Each site has two F5 VMs (LTM and ASM). The customer is required to make the two sites active-active, we recomm...
Hi,
My answers based on a few similar projects:
1- You can have one GTM, but it won't provide true NS redundancy. Best practice I've seen is to have at least two NS geographically separated, each NS pointing to a GTM cluster (2VMs per site to provide in-site F5 redundancy). Other advanced architecture have more NS but same number of F5s by adding secondary ISP link to the mentioned GTMs
2- In theory you can have the three modules in the same VM (I recommend 16GB of RAM) but in practice it's better to have GTM in a separated VM and separated subnet.
3- There's two parts: where to position GTM? and how to handle DNS requests? For the first I usually prefer to have DNS as close as possible to the WAN edge router. For the second, you usually delegate a subdomain, or if managing all your domain by GTM you can point the entire domain to your GTM listeners
4- Two IPs, one for each ISP
Amr_Ali
MVP
MVPAdding to what Sebastiansierra wrote, you will need to add the two LTM ( LTM Site 1 and LTM Site 2) on the GTM as a Big-IP server, and this method makes the GTM take The status for all Virtual Servers from the LTM, and this you will need to create a virtual server on the GTM and add these Virtual servers to pool and thin attach this pool to wideIP with your preferred record,
you can have just one GTM on one site, and if you plan to get two GTMs one for each site you will need to make synch group between them
IredaThanks, Amr
how can I make a synch group between two GTMs in diffrent sites? provide me with a guide.
- Amr_Ali
Hello Ireda,
please check this two link :
https://f5-dns-automation-demo-12-1-x.readthedocs.io/en/latest/lab2/sync-group.html
and you will just need reachability between two GTM,
- Ireda
Thanks Amr for quick support.
please check attached, it is fine or we need to assign public IP to GTM for reachability with the GTM in other side.
Let us prepare a steps:
1- Make GTM as authortive dns
2- I will publish GTM and ASM applications with the same public IP?
-GTM VIP ----Public IP : 53 ------will be nat by FW VIP to GTM self IP.
- ASM APP VIP----Public IP : 443----------will be nat by FW VIP to LTM/ASM self IP.
3- Check reachability between two public IPs and apply sync group
