iquery over the internet gtm - to ltm

Hi Darren,

 

 

I think it's generally recommended to run iQuery over the same route clients would take. It's encrypted traffic so you shouldn't need to worry about someone snooping the traffic. And you could lock down the ports on the firewall to only other GTM/LTMs.

 

 

Aaron

Hi Aaron,

 

 

Our LTM's have been specified within the GTM's using their private LAN addresses, each GTM has a route to the LTM's through the LAN.

 

The problem we have is when one of the internet links go do down the GTM's can still see the LTM's through the LAN so still responds to dns queries as iquery is still functioning as normal. My plan is to specify each LTM on the GTM using a public ip address which I will NAT on the firewall to its private IP. Iquery for GTM's and LTM's at different data centres will run over the internet so it takes the same route as a client would take therefore if any device or link fails across that route the GTM will mark the virtual server associated with the failed device/link as down.

 

 

Does this seem like normal practice?

 

 

Many Thanks

 

Darren

 

 

That is THE only way to do it, really. As Aaron stated, it is best to use the same path client takes to get to for the iQuery traffic, to avoid the problems you are seeing.

 

 

John