Using F5 DNS to move public hostname resolution to other data center if outgoing internet access is down

I've been looking for how to reliably accomplish something that feels like it should be a bog-standard need - but not finding any clear description of how to do it.

 

We have a primary and a backup data center (DC1 and DC2), with GTMs and LTMs at both. All VIPs in DC1 are replicated over in DC2, with different public IPs (obviously). What we would like to do is have the GTMs return the VIP for DC1 under nominal conditions - but if internet access fails from within DC1, have the GTMs return the VIP for DC2.

 

I have the feeling the "right" way to do this is via a link object on the GTMs. But i can't quite get my head around how that would work. Other ways I've considered is an HTTP/HTTPS monitor on the GTMs, somehow associated with the GSLB pool that references the LTM VIP (but ... i'm not sure how to make the monitor only operate on the GTMs in DC1, so that they don't give a false reading because the same monitor succeeds on GTMs in DC2); or an HTTP/HTTPS monitor on the LTM, that marks the VIP in DC1 down if internet access fails.

 

Is there a best practice for this? The GTM monitor seems clean to me - but I'm not 100% where to apply it (to the GSLB server object that contains the DC1 VIP, i assume?) The LTM monitor would be straightforward - but it would be added to every VIP for which this approach is needed, and that feels like weaker "encapsulation", to use an OOP term.

 

If it matters, our environment is v11.5.2, for all GTMs and LTMs involved.

 

Thank you!