Forum Discussion

SalishSeaSecurity's avatar
SalishSeaSecurity
Icon for Altostratus rankAltostratus
Jul 31, 2019

Can iquery operate on multiple interfaces?

This conversation suggests it is possible: https://devcentral.f5.com/s/feed/0D51T00006j3OvySAE

However, when we added more IPs to the servers in the server list, we saw intermittent failures to update pool member status when taking VS's up/down.  

Is it possible that 'gtm_add <remote gtm additional address>' is needed?

 

This is the problem we are trying to solve:

- a set of GTM/LTM in two data centers, DC-A and DC-B, hosting apps balanced across data centers

- iquery traffic traverses a WAN between DC-A and DC-B

- WAN failure will cause a "split brain" situation when the GTMs can't "see" each other or the distant LTM

- It is important to know that WAN failure will cause the apps in DC-B to fail. That failure should cause the GTM in DC-B to assign traffic to DC-A. But with the WAN down, the DC-B GTM can't "see" the GTM/LTM in DC-A. It "thinks" apps in both DCs are down, so any queries on DC-B GTM for WIPs fail.

 

Does anyone know if iquery can operate on multiple interfaces, and if an additional gtm_add is required?

 

TIA

 

application delivery
BIG-IP DNS

4 Replies

Sort By
  • SalishSeaSecurity's avatar
    SalishSeaSecurity
    Icon for Altostratus rankAltostratus
    Aug 01, 2019

    JG,

    I think in this case 'netstat -ant | grep 4353 | grep EST' would have been more illustrative.

    I am familiar with K13690. In fact, it was the command 'tmsh show /gtm server all' that prompted to me to consider running 'gtm_add <remote gtm additional address>'. But I could find no documentation to support multiple uses of the gtm_add command against the same target with multiple addresses. My original question could have been phrased more precisely. Of course, a GTM can run iquery over multiple interfaces to connect to multiple GTMs or LTMs over different network paths. However, that is not the problem I am trying to solve. The real issue is can a GTM communicate with iquery to multiple interfaces on another GTM or LTM? To illustrate:

     

    GTMA: 10.10.10.1 & 172.16.10.1

    GTMB: 10.10.20.1 & 17.16.20.1

     

    They both exchange iquery over their 10.10.x.x addresses. Can they concurrently exchange iquery over their 172.16.x.x interfaces?

     

    TIA,

    JB

     

     

  • JG's avatar
    JG
    Icon for Cumulonimbus rankCumulonimbus
    Aug 02, 2019

    From what I have found out, only one IP address is allowed for each system, even though the service is available on multiple addresses.

    From "man gtm_add":

    "      gtm_add is an interactive script that is used to integrate a new BIG-IP GTM system into a sync group that is already defined on one or more remote BIG-IP GTM systems.

          The script wipes out the current configuration of the GTM system on which it is run and replaces it with configuration of the remote GTM systems in the specified sync

          group.

    "

    So there is only a "replace" but no "add" functionality in the facility.

    Also if you look at the command /usr/local/bin/gtm_add itself, which is a perl script, Lines 113-176 (BIG-IP 13.1.1) show that only one address will be taken. if you are on a different version of BIG-IP, look for the starting line:

    while (@ARGV > 0) {

    in the script.