box57l
Jul 31, 2019

GTM with Multiple LTM VIPs

I have been trying to understand the best practice for configuring an F5 GSLB Wide IP that has multiple LTM VIPs sharing the same host name.

Scenario: Web Server\s have multiple services in the structure of webservice.domain.com:80, webservice.domain.com:81, webservice.domain.com:82. Three LTM Virtual Servers are created, one for each service port, sharing the same IP address. LTM handles this fine: if one service goes offline, it will fail over to another pool member.

My question is how this is configured in a GSLB scenario, as I can only have one service name\Wide IP. If one of the services fails in an LTM pool member, how would the failover occur with DNS? Do I create one GSLB Pool and add all three Virtual Servers for, say, the Primary datacenter? If one Virtual Server fails a health check, I assume we need to fail over all services to a secondary datacenter?

  • Hi Box57l,

    A few points to note: DNS does not care about the ports. For a DNS query, there will be a DNS resolution, which will be an IP. No ports included.

    So in your case, you would have just 1 WIP with 1 GTM pool in it, or multiple pools, based on the load balancing decision you want. A simple scenario would be like below:

    • A single WIP for webservice.domain.com
    • A GTM pool having 2 VS (1 from each DC), because we plan to use only one VS from each DC, which would have an iRule for decision making. The VIP would be listening on all ports, like a wildcard VS.
    • Let's say you want your primary to always take traffic: you put GA and keep your 1st VS as order 0 & second VS as order 1. Then all your traffic goes to the 1st DC LTM.

    On the LTM,

    • You create a VS with wildcard port - which accepts all ports.
    • Then you create multiple pools 80, 81 & 82.
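    • Then you create an iRule for pool selection based on the source ports,
    when CLIENT_ACCEPTED {
        # TCP::local_port is the port on the virtual server that the client connected to
        if { [TCP::local_port] == 80 } {
            pool pool_80
        } elseif { [TCP::local_port] == 81 } {
            pool pool_81
        } elseif { [TCP::local_port] == 82 } {
            pool pool_82
        }
        # Any other port matches no branch, so this iRule selects no pool for it
    }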

    If the 1st LTM is unreachable for some reason, the failover happens to the 2nd DC, which takes the traffic. You may ask: what if the DC1 pool_80 alone goes down, where would the traffic land? In that case, you can again put active members logic in it, and add your other DC's pool in this LTM as well.

    There are many ways to achieve this. But DNS is all about IP alone.
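
The "active members logic" mentioned in the reply, sketched as an added example that is not part of the original thread or of F5's own code. The `pool_80_dc2`, `pool_81_dc2` and `pool_82_dc2` names are hypothetical pools defined on the DC1 LTM whose members are the DC2 servers, and the example assumes the DC1 LTM can reach those servers. Because a wildcard virtual server listens on every port, the example also rejects connections to any port other than the three published services.

```tcl
# Added example: attach to the wildcard-port virtual server on the DC1 LTM.
# pool_80 / pool_81 / pool_82 are the pools named in the reply above.
# The *_dc2 pools are hypothetical (assumption): local pool objects whose
# members are the equivalent servers in the other datacenter.
when CLIENT_ACCEPTED {
    # Map the port the client connected to onto a local pool and a fallback pool.
    switch -- [TCP::local_port] {
        80 { set local_pool pool_80; set remote_pool pool_80_dc2 }
        81 { set local_pool pool_81; set remote_pool pool_81_dc2 }
        82 { set local_pool pool_82; set remote_pool pool_82_dc2 }
        default {
            # The wildcard VS accepts every port; only 80-82 are real services.
            reject
            return
        }
    }

    if { [active_members $local_pool] > 0 } {
        # Normal case: at least one healthy member in this datacenter.
        pool $local_pool
    } elseif { [active_members $remote_pool] > 0 } {
        # Only this service is down locally: send just this port to the other
        # DC, while DNS keeps answering with the DC1 address for all services.
        pool $remote_pool
    } else {
        # No healthy member for this service in either datacenter.
        reject
    }
}
```

With this in place a single failed service does not force a DNS-level failover of all three ports; the GTM health check on the DC1 virtual server still handles the case where the whole LTM is unreachable.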