Forum Discussion

tephra_266845's avatar
tephra_266845
Icon for Nimbostratus rankNimbostratus
Jun 27, 2016

GTM: http+https and WideIP availability

Hi All,

 

We are using 2x BIG-IP VM's (11.6) running in different datacentres with both GTM + LTM running on the same appliance.

 

On each LTM we have two Virtual Servers (in LTM), one for HTTP and one for HTTPS (to the same backend server).

 

Our GTM WideIP has a pool which includes both of these Virtual Servers.

 

However we need GTM to detect when EITHER the HTTP or HTTPS VS is down and disable the WideIP on that event (so that the alternate datacentre can take over traffic.

 

Whats the best solution:

 

  1. Rework the VS's so that both HTTP and HTTPS is served from one VS, however it appears that irules are required on the VS to detect SSL handshake or not...
  2. Some sort of irule on the GTM WideIP to detect when both members are available...

Both seem a little to custom, isn't there a way to say GTM WideIP/pool status = good, if only both members are available??

 

Just to re-iterate, if we dont change the current behaviour, when for instance HTTPS is down, the WideIP will remain up (because HTTP works).. however this then breaks client access...

 

Regards David

 

  • Hi David!

     

    We recently had the same scenario and it is a way to achieve that.

     

    You do not know which service the client is preferring when the DNS request comes in (you do if you have different dns names for http and https). So you will have to decide which pool and thereby which VS health should be taken into account when GTM answers the DNS request.

     

    You can however also include a dependency vs:

     

    1. Create two VS in GTM – one with x.x.x.x:80 and one with x.x.x.x:443
    2. On the x.x.x.x:443 VS you set a dependency virtual server – the x.x.x.x:80
    3. Now you can create a GTM pool with just the x.x.x.x:443 server and assign it to the wideIP.

    If either of the two monitored VSs goes down the next VS assigned in the pool will be used.

     

    I hope that this helps you.

     

    /Riad

     

  • Hi David!

     

    We recently had the same scenario and it is a way to achieve that.

     

    You do not know which service the client is preferring when the DNS request comes in (you do if you have different dns names for http and https). So you will have to decide which pool and thereby which VS health should be taken into account when GTM answers the DNS request.

     

    You can however also include a dependency vs:

     

    1. Create two VS in GTM – one with x.x.x.x:80 and one with x.x.x.x:443
    2. On the x.x.x.x:443 VS you set a dependency virtual server – the x.x.x.x:80
    3. Now you can create a GTM pool with just the x.x.x.x:443 server and assign it to the wideIP.

    If either of the two monitored VSs goes down the next VS assigned in the pool will be used.

     

    I hope that this helps you.

     

    /Riad

     

  • Thanks gents!

     

    Whilst its not the ideal solution (in regards to obviousness :)) it does work!

     

    thanks muchly!