For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

2funky_105078's avatar
2funky_105078
Icon for Cirrus rankCirrus
Apr 29, 2014

GTM working over the Internet

Hello,   I have 2 questions about a new design of Global Load Balancing over the Internet with our BigIPs devices configured in our corporate DMZs:   1) my understanding is that TCP/22, TCP/443...
application delivery
BIG-IP DNS
design
LTM
security
Hamish's avatar
Hamish
Icon for Cirrocumulus rankCirrocumulus
Apr 29, 2014

I think you're possibly misinterpreting the comms. The ports should be opened ONLY between your OWN GTM's... Not other peoples.

 

These ports are used for syncing config and state between your GTM's and between your GTM's and your LTM's.

 

Any access from the outside world is port 53 (udp and tcp) only. udp/53 always, tcp/53 generally where queries or responses are too large for a 512Byte UDP response (Or zone transfers, but that doesn't necessarily mean a lot for GTM)

 

H