NimbostratusHi, Does anyone have any example GTM configurations to provide GSLB to LTMs? The GTM would be authoritative for the whole domain, providing WideIP functionality to the virtual severs behind the LTMs
EmployeeThere are a number of variables related to what you're asking for. I recommend going through the free online GTM training provided by F5:
https://f5.com/education/training/free-courses/tag/global%20traffic%20manager
and reading this guide:
https://support.f5.com/kb/en-us/products/big-ip_gtm/manuals/product/gtm-implementations-11-5-0.html
You may consider the three day GTM training course provided by F5:
https://f5.com/education/training/courses/big-ip-global-traffic-manager-gtm-v11
Having said that, here are some simple configuration commands via tmsh for configuring a GTM for initial use, then adding an LTM to its iQuery mesh, with the following assumptions:
GTM:
- mgmt IP: 192.168.1.212
- VLANs: internal, external
- selfIPs: internal = 10.10.212.1/24; external = 10.11.212.1/24
- route: default via 10.11.212.254
- provisioned: GTM
LTM:
- mgmt IP 192.168.10.100
- VLANs: internal, external
- selfIPs: internal = 172.16.5.1/24; external = 172.20.50.1/24
- route: default via 172.20.50.254
- provisioned: LTM
And the commands:
Create a Datacenter; all Servers must be in a Datacenter
tmsh create datacenter seattle
Create Server for the GTM itself; it will not monitor objects unless this is done
tmsh create gtm server gtm01 addresses add \
{ 192.168.1.212 { } 10.10.212.1 { } 10.11.212.1 { } } \
datacenter seattle product single-bigip monitor bigip
Create Server for the LTM; this is a required before running bigip_add
tmsh create gtm server ltm01 addresses add { 172.20.50.1 { } }
Run bigip_add
bigip_add 172.20.50.1
If you are using certificates that are not self-signed:
https://support.f5.com/kb/en-us/solutions/public/7000/700/sol7717.html
If the LTM is running an older version of BIG-IP than the GTM, you may need to run
big3d_installhttps://support.f5.com/kb/en-us/solutions/public/13000/300/sol13312.html
The LTM interface through which iQuery communication occurs must have port lockdown set at least to "Default" (i.e., it cannot be "None").
From this point, you must create GTM Pools containing the LTM Virtual Server objects, then create WideIPs using the created Pools. The materials above should prove instructive for this purpose.
CumulonimbusA good, concise example. Things might have changed, but in the current documentation I find the following:
"Important: You must use a self IP address for a BIG-IP ® system; you cannot use the management IP address."A related question about the answer: Are the self-IP addresses local addresses?
If yes, two self-ip addresses, each local to the pair of LTM devices, should be added as well?
CumulonimbusA related question about the answer: Are the self-IP addresses local addresses?
If yes, two self-ip addresses, each local to the pair of LTM devices, should be added as well?
There are a number of variables related to what you're asking for. I recommend going through the free online GTM training provided by F5:
https://f5.com/education/training/free-courses/tag/global%20traffic%20manager
and reading this guide:
https://support.f5.com/kb/en-us/products/big-ip_gtm/manuals/product/gtm-implementations-11-5-0.html
You may consider the three day GTM training course provided by F5:
https://f5.com/education/training/courses/big-ip-global-traffic-manager-gtm-v11
Having said that, here are some simple configuration commands via tmsh for configuring a GTM for initial use, then adding an LTM to its iQuery mesh, with the following assumptions:
GTM:
- mgmt IP: 192.168.1.212
- VLANs: internal, external
- selfIPs: internal = 10.10.212.1/24; external = 10.11.212.1/24
- route: default via 10.11.212.254
- provisioned: GTM
LTM:
- mgmt IP 192.168.10.100
- VLANs: internal, external
- selfIPs: internal = 172.16.5.1/24; external = 172.20.50.1/24
- route: default via 172.20.50.254
- provisioned: LTM
And the commands:
Create a Datacenter; all Servers must be in a Datacenter
tmsh create datacenter seattle
Create Server for the GTM itself; it will not monitor objects unless this is done
tmsh create gtm server gtm01 addresses add \
{ 192.168.1.212 { } 10.10.212.1 { } 10.11.212.1 { } } \
datacenter seattle product single-bigip monitor bigip
Create Server for the LTM; this is a required before running bigip_add
tmsh create gtm server ltm01 addresses add { 172.20.50.1 { } }
Run bigip_add
bigip_add 172.20.50.1
If you are using certificates that are not self-signed:
https://support.f5.com/kb/en-us/solutions/public/7000/700/sol7717.html
If the LTM is running an older version of BIG-IP than the GTM, you may need to run
big3d_installhttps://support.f5.com/kb/en-us/solutions/public/13000/300/sol13312.html
The LTM interface through which iQuery communication occurs must have port lockdown set at least to "Default" (i.e., it cannot be "None").
From this point, you must create GTM Pools containing the LTM Virtual Server objects, then create WideIPs using the created Pools. The materials above should prove instructive for this purpose.
CumulonimbusA good, concise example. Things might have changed, but in the current documentation I find the following:
"Important: You must use a self IP address for a BIG-IP ® system; you cannot use the management IP address."A related question about the answer: Are the self-IP addresses local addresses?
If yes, two self-ip addresses, each local to the pair of LTM devices, should be added as well?
CumulonimbusA related question about the answer: Are the self-IP addresses local addresses?
If yes, two self-ip addresses, each local to the pair of LTM devices, should be added as well?