Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

GTM DNS responses not reflecting pool availability

I've got a pair of 3410 units, each with GTM enabled. I've got the LTM configuration on each working, but I can't get GTM to work the way I think it should.

LTM on each unit is configured with a pool of servers. GTM is then pointed at both LTMs, and I have wide IP everything is under.

When I send DNS queries for the name of the WIP, it happily returns back both of the LTM virtual servers. If I update the GTM pool, removing and adding virtual servers discovered from the LTMs updates the DNS responses that GTM sends out.

The problem I'm running into, though, is that when the virtual servers on an LTM is disabled (either by manually taking down the real servers, or just disabling it in the LTM config), this is not reflected in the GTM DNS answers. Looking at the GTM status does accurately reflect the fact that one of the LTM virtual servers is disabled, but it keeps returning both LTM IP addresses.

Am I correct in assuming that the DNS answers returned by GTM should reflect what resources are actually available? Or is there something else I've completely missed here?
0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
If it is returning both answers at the same time, then that might mean that the requests are going back to Bind. do you have a GTM listener defined?
What are your load balancing methods?
Make sure at least one of the first 2 is a static method like round robin or ratio.
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
It depends on which metric is being used as to what answer(s) you are getting. There are 3 drop-downs in the pool, Preferred, Alternate, and Fallback. Typically Preferred and Alternate are set to an appropriate lb method (round trip, hops, round robin, QOS, etc) and Fallback should be left as Return to DNS, which essentially behaves like BIND and hands back all the answers the GTM knows about without any logic.

So you may be having a situation where GTM is not able to determine enough metrics for your selected Preferred or Alternate, and it's reverting to Fallback. You can tell in the Wide-IP statistics which of the 3 is used to resolve requests.

As to what could cause the Preferred and Alternate not to work, it depends on what those are set at, and whether iQuery and ssh are properly enabled between GTM and LTM (even though they are on the same physical device they are logically separated). Hopefully that will give you some troubleshooting info for now

Denny
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
There is also a Verify Virtual Server Availability checkbox on the pool settings, if this is unchecked, it will hand out the addresses regardless of vip state.
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
Aha! A gold star to j.thomson - I was missing a listener on the self IP address on each GTM. I saw in the docs where it said that GTM will answer DNS queries for itself even without a listener, but didn't understand that a listener was required for the dynamic behavior. It's all now working perfectly =)

Thanks to all for the quick responses!
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
Awesome, guys, thanks to all of you for chiming in. All 3 responses are valid conditions offer incredibly helpful advice when LTM->GTM dependencies seem to be ignored.

fs: If you feel the documentation is lacking, it's really helpful if you contact F5 Support & open a case requesting a doc clarification. You can do it in the support portal online if your AskF5 ID is enabled for it: Click here

/d
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
Will do!
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
We had a similar scenario so thanks for the fix! We have two active/active GTM/LTM combo F5's that we have our internal databases/apps on and when we would add the secondary F5 IP in the GTM's wide pool we would experience DNS flipping back and forth between the two (sending both IP's with primary/secondary changing places each nslookup). We had to create a GTM listener on each with their on respective IP's then we were able to have both IP's in the GTM wide pool and experienced no dns issues.

Thanks
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
In regards to Virtual Server Availability - I find the information fairly lacking on how this really works. 

If the Virtual Server has a 5 minute health monitor timeout and its functionally down (but not timed out), I gather the Verify Virtual Server availability only pertains to the state of the vip not testing the actual functionality of the vip and reacting sooner than 5 minutes.


0