GTM wide ip pool persistence and one pool with 3 x LTM VS

Question

Hello,&nbsp;
Our user WWW clients have three possible routes to the internet and are using GTM to resolve proxy name in a pac file to to a virtual server [VS] in a pool in a wide IP. There are three Big-IPs.&nbsp;

The F5 GTMs are data linked&nbsp;

Each F5 has one VS for WWW client to resolve proxy to via the GTM wide ip&nbsp;

The wide IP has a pool with all three VS&nbsp;

the users are resolved to one of the VS IPs for proxy.&nbsp;

the VSs are configured as explicit forward proxies&nbsp;

the next hop to each F5 is a local internal firewall&nbsp;

Everything works great and has done for quite some time but due to volumes and firewall out of state we need to persist users to a particular VS route out and not get balanced out via different VSs.&nbsp;
If we wanted to persist the clients to a particular VS after the GTM resolves, can we do that with this configuration on the Wide IP Pool? My concern is the config has one wide IP pool which contains the VSs and we are not sure if the Wide IP pool persistence operates down to the pool VS or if it has to work with more than one pool?&nbsp;
Thanks for any help,&nbsp;
Derrick&nbsp;

csoc_146480 · Answer

forgot to mention version is 11.5.2

james_thomson_1 · Answer

When you configure WideIP persistence as described here:  link text
It will persist a user to the IP address that is selected for them, not the pool.&nbsp;
The GTM however only sees the IP address of the DNS server that sent it a request unless your user's DNS entry on their machine is the GTM.&nbsp;
Question:  On your user's laptop or desktop, are they pulling IP's from DHCP?  If so, what DNS server are they getting?&nbsp;
If the answer is the GTM, then you are fine.&nbsp;
If the answer is another DNS server and everyone in your company gets the same DNS server, then that could be a problem as the GTM will only every see that DNS server as a requestor.&nbsp;
Let me know if that makes sense and answers your question.&nbsp;

james_thomson · Answer

When you configure WideIP persistence as described here:  link text
It will persist a user to the IP address that is selected for them, not the pool.&nbsp;
The GTM however only sees the IP address of the DNS server that sent it a request unless your user's DNS entry on their machine is the GTM.&nbsp;
Question:  On your user's laptop or desktop, are they pulling IP's from DHCP?  If so, what DNS server are they getting?&nbsp;
If the answer is the GTM, then you are fine.&nbsp;
If the answer is another DNS server and everyone in your company gets the same DNS server, then that could be a problem as the GTM will only every see that DNS server as a requestor.&nbsp;
Let me know if that makes sense and answers your question.&nbsp;

csoc_146480 · Answer

Thanks James,

When we trialed persistence with two Big IP enabled, most of the traffic used one LTM which makes sense now if clients are not using the GTM as their configured DNS. I will check to make sure how all the DNS is working and confirm 100%

csoc_146480 · Answer

Thanks James,

When we trialed persistence with two Big IP enabled, most of the traffic used one LTM which makes sense now if clients are not using the GTM as their configured DNS. I will check to make sure how all the DNS is working and confirm 100%

Forum Discussion

GTM wide ip pool persistence and one pool with 3 x LTM VS

9 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Port Group on F5OS network setting

Advise on setting up IRULE

F5 iRule to replace host to path

Related Content

SNAT pool persistence

Removal of Client Side F5 Persistence Pool Cookie

Decoding the IPv4 address from the persistence cookie

Exchange2010 SNAT pool persistence

steps to configuring mx record by using wide IP