GTM not detecting the service as up.

Question

Folks,We have recently provisioned the GTM module in one of our VE device. We wanted to configure a test environment here.The VE had the valid licenses for the GTM.&nbsp;However, the server shows as down, we have added a port 443 monitor.Telnet to the server IP works fine to port 443 when I try this form the CLI. &nbsp;What could be the issue and what do I need to look at? The Data Centre also sows as down on the GTM but I believe this is because none of the servers show as up.&nbsp;Please note that at this stage all I have done is added a server which shows as down.&nbsp;&nbsp;Regards,Neel

dans92 · Accepted Answer

You can't just have anything as the Prober Pool Member. It has to be the server for the GTM. Do these steps exactly:

Create Server for the GTM. So the device that you sent this screenshot from, we'll pretend it's called f5gtm1.com. You'd create a server named f5gtm1. This server will be BIG-IP System (Single). You need to give it an Address, Translation, and Data Center. Leave Virtual Server Discover Disabled.
Then create Prober Pool.

dans92 · Answer

Ok so since it's a Generic Host you should only need TCP 443.

You created a Data Center which means you should've also created a Prober Pool. If yes, does your Prober Pool have a member? You should have also created a server for the GTM itself and added it to the Prober Pool.

For example:

Your GTM device hostname = F5device1.com

Create Server named F5device1 with correct External IP, translation, Data Center, Prober Pool, and bigip health monitor.

If you haven't created the Prober Pool yet, create it then perform the step above.

dans92 · Answer

The only thing that will be in the Prober Pool is the server you create for the GTM.

For the location, you can create separate Data Centers for each location. Then you attach a Data Center and Prober Pool to each Server you create. This gives you the ability to enable and disable entire Data Centers with 1 click. So I'd create a UK Data Center.

I'm not 100% sure what best practices are for Prober Pools in your case, but I think you'd still just have one Prober Pool for each GTM, and one Data Center for each actual location. Then each Data Center needs a Prober Pool attached, and each Prober Pool needs a Server attached.

dans92 · Answer

This could be due to a large number of reasons... Two of the more common reasons are:

Port TCP 4353 is blocked on a Firewall from the GTM Self IP to the IP of the remote device
Remote device's Device Certificate hasn't been imported on the GTM under DNS > GSLB > Servers > Trusted Server Certificates

You should see some error logs in System > Logs > GSLB that will point you in the right direction

nikson_m · Answer

Thanks Dan!!&nbsp;port TCP 4353, I believe is the iQuery port which we should not be concerned here about. The reason is that all we are doing is adding Generic hosts to this DNS.&nbsp;In System -&gt; Logs --&gt; GSLB we are not able to see any logs.&nbsp;I do feel that there is some basic steps that we have not setup, just not able to understand what else could be needed.

nikson_m · Answer

We have not created a prober pool yet, so is that the first requirement?&nbsp;In this case this GTM is in US and the server which are added to it are in UK.How do I approach this in my case?

Forum Discussion

GTM not detecting the service as up.

8 Replies

Recent Discussions

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Stable Firmware for F5

Related Content

SSL Orchestrator Advanced Use Cases: Detecting Generative AI

Per-app failover for Kubernetes-based services using F5 Distributed Cloud Services

Kubernetes architecture options with F5 Distributed Cloud Services

Migrating F5 BIG-IP APM From Legacy NAC Service to Compliance Retrieval Service

End-to-End Fraud and Risk Detection with F5 Distributed Cloud