BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member
Good day, everyone! Within the LTM platform, if a Pool is configured with "Min 1 of" with multiple monitors, you can check the status per monitor viatmsh show ltm monitor <name>, or you can click the Pool member in the TMUI and it will show you the status of each monitor for that member. I cannot seem to locate a similar function on the GTM/BIG-IP DNS platform. We'd typically use this methodology when transitioning to a new type of monitor, where we can passively test connectivity without the potential for impact prior to removing the previous monitor. Does anyone have a way through tmsh or the TMUI where you can check an individual pool member's status against the multiple monitors configured for its pool? Thanks, all!F5 as ISP LB - Internet health check based on latency
Hi Community, Just want to ask only if below scenario if our F5 is running as ISP LB to check the latency of ISP1 when it is high ( 250ms) to failover to ISP2? If there an F5 KB article or other solutions that you can refer for this required setup. Thanks in advance.
Replacing GTM f5
hello guys! this is also related to F5 GTM GSLB replacement | DevCentral I have some question on our F5 GTM replacement, we have an issue when we add the new F5 on data center following this KB https://my.f5.com/manage/s/article/K45907236 on the part "Creating a server (existing BIG-IP DNS)" the new server is in unknown state. When we check the error we see routines:ssl3_get_server_certificate:certificate verify failed f5 I am thinking bigip_add x.x.x.x will solve the problem however since the existing devices are on production I didnt use it instead, I uploaded the cert of existing f5 to new F5 on device management and Trusted certificate I saw on https://my.f5.com/manage/s/article/K85555245 Trusted device certificatesSystem>Certificate Management>Device Certificate Management>Device Trust Certificates Trusted server certificatesDNS>GSLB>Servers>Trusted Server Certificates the existing and new f5 has same certs now, however the problem is still there but this time error is different iqmgmt_ssl_connect: SSL error: Connection reset by peer (104) from connection x.x.x.x Do you guys know how to solve this SSL issue we have? I also have a question 1. when I updatedDNS>GSLB>Servers>Trusted Server CertificatesI export the server.crt from existing f5 and upload it on the new device. this overwrites the original server.crt. on the new F5. I am thinking running the bigip_add x.x.x.x but my worry is that it will make the certs doubled? because running bigip_add x.x.x.x will "append" the cert from existing F5 to new F5.. so I am thinking to delete the server.crt on my new f5, but the problem is I didnt save a backup of the original server.crt :( is there a way I can generate new server.crt on my new F5? do you think it is necessary to delete the current server.crt? or what I need is to do below per https://my.f5.com/manage/s/article/K9114? cat /config/httpd/conf/ssl.crt/server.crt >> /config/gtm/server.crt 2. Running bigip_add x.x.x.x will be from existing F5 correct existing f5# bigip_add x.x.x.x (new F5 IP) 3. new F5 is in v17 and existing F5s are in v14, do you guys think it is a problem? Thank you!F5 GTM resolution issue
I have an issue with F5 GTM resolution, after using nslookup to check if I can resolve the name of the website, that I created as an A record using wildeIP on GTM, I see that I can receive the correct IP for my website but after i try to access the website through HTTPS it not opened,Monitoring GTM / DNS Pools for consistency across multiple LTMs
Hi community. I have been trying to work out the best way to check my Wide-IP configuration is consistent across multiple LTMs. I have a WIP, that contains a pool, that contains 2 LTM VIPs in 2 DCs - how can I be sure that services in the LTM VIPs are consistent? For example, LTM-1 in DC-1 has a VIP containing a pool of 2 servers listening on https. LTM-2 in DC-2 has the same pool of 2 servers listening on https – all good so far. Engineer adds new server to DC-1 LTM-1 pool but doesn’t add the same server to DC-2 LTM-2. I now have inconsistent services across the 2 DCs. Has anyone scripted anything to check each WIP/pool for LTM VIPs then checked each of the configured LTM VIPs for pools/services and report on differences? Thanks in advance.
