Forum Discussion

eneR_159774's avatar
eneR_159774
Icon for Nimbostratus rankNimbostratus
May 06, 2019

GTM/DNS and LTM - iQuery via Mgmt Ort Self-ip

Hey Guys, is it possible to connect the GTMs and LTMs (for dataexchange via iquery) via the mgmt interface and is there a best practice to do this via mgmt interface OR a configured self-ip?

 

  • Hello eneR

     

    "An iQuery connection is defined as an SSL connection on port 4353 from a local gtmd process to the big3d process on a remote or local BIG-IP server. When big3d starts, it listens for port 4353 on all configured self IP addresses and the management interface IP address."

     

    REF - https://support.f5.com/csp/article/K9837

     

    I recommend you to use always the TMM instead of Mgmt interface.

     

    KR, Dario.

     

  • You can technically use the Management interface and found useful to run

    gtm_add
    targetting the management interface as SSH is required, and often blocked on production networks, to perform certificate swap and form the trust between BIG-IP devices.

    You can also add multiple IP addresses into a

    Server
    configured on the F5 DNS/GTM and an iQuery connection will attempt to be established to all IP addresses from each F5 DNS/GTM device. Only one iQuery connection between each device is actually required but I would avoid having failing iQuery connections if you can help it.