F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

dhsmith_116072's avatar
dhsmith_116072
Icon for Nimbostratus rankNimbostratus
Nov 02, 2013

How can I automatically mark pool addresses down when one ISP fails with GTM acting as Link Controller with multiple ISP's?

We have LTM monitoring individual pool members and GTM finds out if the pool is available only by asking LTM - this is fine. GTM has multiple public IP's to give out for each ISP providing service. S...
design
dhsmith_116072's avatar
dhsmith_116072
Icon for Nimbostratus rankNimbostratus
Dec 04, 2013

OK, I just had to try hitting all the objectives so I did a little test. There are reasons you might not want it this way, but here it is.

 

First, I created several "transparent monitors" to verify communication through gateways. Then I created a pool on the LTM called LinkTestISP1. I assigned the transparent monitors to the pool and added a single member, the ISP1 router. This gives me a pool that is "UP" if any one of the monitors is ok. Then I created a virtual server (it seems unnecessarily indirect, but the communication I need to the GTM is only by virtual server) Call the server ISP1isOK, give it a completely bogus IP address (I used a non-existent and non-routeable address and bogus service port) and give it the default pool of LinkTestISP1. Now on the GTM I find a pool with one member using an address provided by ISP1 and I edit that member and at the bottom of the screen in the "Dependency List" box I can now find and add my virtual server ISP1isOK.

 

This sounds very cludgey probably because it is, but it gets me the objective of having only one device monitor the links. The other big advantage in this production environment where I do not have a "lab" to play with is that I was able to test this without disrupting any product services. I changed the health monitors to one designed to fail, watched the pool go down, watched the VS go down, and watched the GTM remove only that member address from it's pool (product still up on the primary address)

 

The big downside to this solution is that you must now edit ALL of the servers the GTM learns from the LTM and add the appropriate dependency (after building the same kind of testing for the other ISP's of course) That's a lot of config work, and I still haven't even addressed the config changes for the LTM so that the same tests failing will remove options from it's gateway pool for outbound traffic. So - conclusion is - the F5 suggested solution whereby both devices do upstream monitoring for the Links is the way to go. Now if I can only find a way to test it without disrupting actual product I'll be completely happy with it.

 

Cheers