mabdrasol
May 26, 2019

LTM+GTM at same box

We have two LTM nodes in an HA setup and we need to migrate external DNS to F5 GTM.

The LTM and GTM licenses are on the same node.

But I can't find clear steps to do that or the best practices.


7 Replies

  • Hi mabdrasol,

    It can be done; there is no problem using LTM and GTM on the same box. Regarding best practices, I would suggest you create the DNS configuration on your GTM devices and create a listener with an IP address different from the current one serving DNS requests. Test extensively via dig/lookups, and only when you are sure all is good, perform the cutover by re-pointing the NS records to the GTM's listeners.

    Best Regards,

    Oscar Pucheta

    https://www.australtech.net

    https://www.linkedin.com/in/npucheta/
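
Added example (not part of the thread or of any poster's reply): one way to run the "test extensively via dig" step before re-pointing NS records, by comparing answers from the current DNS server with answers from the new GTM listener. The function names, the `name:type` argument format and the script name `precutover.sh` are assumptions made for this sketch; the server and listener addresses are supplied by the operator.

```shell
#!/bin/sh
# Added example: pre-cutover comparison of DNS answers (not from the thread).
# Server addresses and record names passed in are the operator's own values.

# Lowercase, strip the trailing root dot, drop blank lines, sort and dedupe,
# so record order and case do not cause false differences.
normalize() {
    tr '[:upper:]' '[:lower:]' | sed -e 's/\.$//' -e '/^[[:space:]]*$/d' | sort -u
}

# compare_answers OLD NEW
#   0 = identical answer sets
#   1 = NEW is a non-empty subset of OLD (a load-balanced wide IP may return
#       only some pool members per query)
#   2 = NEW is empty or contains a record OLD never returned
compare_answers() {
    o=$(printf '%s\n' "$1" | normalize)
    n=$(printf '%s\n' "$2" | normalize)
    if [ -z "$n" ]; then return 2; fi
    if [ "$o" = "$n" ]; then return 0; fi
    while IFS= read -r rec; do
        printf '%s\n' "$o" | grep -Fxq -- "$rec" || return 2
    done <<EOF
$n
EOF
    return 1
}

# check_record NAME TYPE OLD_SERVER NEW_LISTENER  (live: needs dig and network)
check_record() {
    a_old=$(dig +short +norecurse "@$3" "$1" "$2") || return 3
    a_new=$(dig +short +norecurse "@$4" "$1" "$2") || return 3
    rc=0
    compare_answers "$a_old" "$a_new" || rc=$?
    case $rc in
        0) echo "SAME    $1 $2" ;;
        1) echo "SUBSET  $1 $2 (review load-balancing method)" ;;
        *) echo "DIFF    $1 $2 old=[$a_old] new=[$a_new]" ;;
    esac
    return "$rc"
}

# Usage: sh precutover.sh OLD_SERVER NEW_LISTENER name:type [name:type ...]
if [ "$#" -ge 3 ]; then
    old_srv=$1; new_srv=$2; shift 2
    for q in "$@"; do
        check_record "${q%%:*}" "${q##*:}" "$old_srv" "$new_srv" || true
    done
fi
```

Any `DIFF` line is a record to resolve before the NS change; a `SUBSET` line is expected when the wide IP hands out one pool member at a time.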

  • Hi Oscar,

    Thanks for your reply.

    I'm confused about this implementation, as my F5 has the interfaces below:

    -self IP (for LTM)

    -floating IP (for LTM)

    -HA IP

    When I try to add GTM and LTM as servers, do I need to add more self IPs for GTM, as I can't use the same self IP for GTM and LTM?

  • Hi, the self IP belongs to the device itself; it doesn't matter if you are using LTM or GTM. So just add the device once, with the non-floating self IP, and that's it. If you have LTM provisioned and you want to discover the virtual servers, then enable Virtual Server Discovery.

  • If the devices are in HA, add both non-floating self IPs, one for each device. But still add only once, so let's say the HA pair has these two devices:

    -ltm01

    -ltm02

     

    then add the HA pair with a name like this: ltm01-02 and use the non-floating self ip for each device. Important point is that even you have two devices, because they are in HA, you just add once.

  • Hello Oscar,

    Thanks for the great tips.

    Now I have done the following:

    -added the F5 node with two self IPs

    -created a listener IP

    -created a pool with the existing LTM VS

    -created a wide IP with a record for this pool

    -used the dig tool to test DNS resolution using the listener IP from the internal LAN, and resolution worked fine

    Now I need to run this test from the WAN side, but I have some confusion here.

    Here is my design:

    remote user >>WAN>>NET Router>>FW>>F5 DNS>>F5 LTM>>server

    How do I map the VIP private IP to a real IP?

    The listener IP is a private IP; do I need to NAT it on the internet firewall to a real IP?