Configuring iQuery for GTM / DNS
Hi, We're starting to look at implementing GSLB for various of our external services. All of the documentation says we should add our BIG-IP devices in our other data centers via DNS > GSLB > Servers and add using its external IP address. We do not connect our F5's directly to the internet, instead the NAT is handled by our Firewalls. What IP should I use or how should i configure the server? With just their internal management IPs? (Both datacenters are linked via Layer 2 direct fibre so we can contact without having to go out externally) With the IPs they have in our pool subnet? Or do i add and put the external address that the GTM DNS listener will be on and have a translation to the internal GTM DNS listener address? Any pointers are appreciated. Thanks
Creating a GTM Pool error
I am trying to add a GTM pool with the following command create gtm pool a POOL_NAME { members add { DC:/Common/VS_NAME { member-order 0 } } } It is giving me this error: 01070226:3: Pool Member VS_NAME references a nonexistent Virtual Server The virtual server does exist. I have added 40+ other pools with the same command, this is the only one giving me an error. When I try to create the pool via the GUI this server is not available in the "Virtual Server:" dropdown list. What could be the issue?Adding LTM to GTM with different version
Hi Experts, I am looking for a KB that shows the prerequisites or consideration prior doing BIGIP ADD in GTM. Are goal is to use GSLB functionality of our GTM. Our GTM is running in 11.6.1 version and we will upgrade our LTM from 11.6.1 to 13.0. May we know if it is possible or there is an issue with this setup.GTM Source IP Redirect to Specific Pools iRule
I'm trying to redirect clients to specific pools based on the clients IP address through an iRule. I created this iRule in the GTM and it seems to be working fine however, I'd like to set client networks in the rule instead of "starts_with" in an effort to keep this rule as short as we add more and more clients. I've tried "equals "10.80.0.0/16" however that didn't seem to work. Anyone have any ideas on what I could do to achieve my goal? =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- when DNS_REQUEST { if { [IP::client_addr] starts_with "10.80." } { pool pool_10_80 } elseif { [IP::client_addr] starts_with "10.96." } { pool pool_10_96 } elseif { [IP::client_addr] contains "172.27." } { pool pool_172_27 } } =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Thanks in advance for any feedback.
BIGIP DNS health monitor
I suspect I am missing some fundamental understanding for this but what i want to accomplish is to have a wide ip that monitors two web servers and just returns only an ip of a server that is up. I created two server objects of product generic host. I put the ip of one webserver in the big-ip system devices and also created a resource on the page with the same ip. Repeated the process for the other. I created a GSLB pool and added both server objects. I created the wide ip object and added the pool. Resolves as expected with the webserver ips alternating, however none of the health monitors actually work (all are red) when i look at the pool members they have the error against availibility as Offline (Enabled) - Monitor /Common/gateway_icmp from <unknown> : no reply from big3d: timed out I suspect I am creating the server object incorrect or there is another way to do this, could anyone please advise?
DnsClientNrptRule configuration not working when connected to BIG-IP Edge Client
Hello, Our problem is when connecting to a third party VPN, our local DNS is not resolving causing problems with users accessing local resources while on this VPN. Split tunneling is enabled on the connection but we do not have control over changing any of the F5 connection settings since this connection is outside of our organization. We are attempting to fix this using a DnsClientNrptRule but even after adding the rule, it still uses the DNS servers configured on the VPN connection. The rule works as expected when not connected to the VPN. Any insight would be greatly appreciated. Thanks!
