Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Procedure to remove F5 DNS Controller/GTM from iquery sync group, to allow maintenance?

Env: F5 LTM and GTMs at 11.5.2

In order to perform maintenance on GTMs, our thought is to remove the unit in question from the iQuery sync group, to prevent any possible impact to the gslb resolution of wide IPs involved.

Is there a procedure for doing so? I don't see anything in the Admin guide etc. docs.

Or, is there an alternate recommendation to prevent impact on DNS resolution from a GTM potentially being offline or in an uncertain state?

(Note that separately we need to prevent any DNS requests from being sent to the GTM to be removed from the sync group - i have that part sorted).

Thx!

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hello.

There exists already a procedure to do this -> https://support.f5.com/csp/article/K14044?sr=34465681

Also, you can reset device certificates which broke the iQuery communication

cat /config/httpd/conf/ssl.crt/server.crt > /config/big3d/client.crt
cat /config/httpd/conf/ssl.crt/server.crt > /config/gtm/server.crt

KR, Dario.

0
Comments on this Answer
Comment made 2 weeks ago by daboochmeister 416

Perfect, thank you! Certs aren't the issue, iqdump shows all communication working without any SSL errors, but thx.

0