BIG-IP DNS Routing features

Question

Hi all&nbsp;
i plan to integrate BIG-IP DNS , i want to connect the ISP connection directly it , in the back end i will install LTM + ASM behind a firewall&nbsp;
is it clear that i can configure public IPs on the DNS as listners but whene the process of name resolution is done, the client will send a HTTP GET to obtain the page, the problem is how to send the client request to the web servers located behiend the LTM ?&nbsp;
i used to do that on LC by creating VS listening on port 80 and forward that traffic to the back-end, but in the BIG-IP DNS i am unable to create VS from the web management interface &nbsp;
i am able to do it from the tmsh and it working good (version 13.1)&nbsp;
the question is ther a better way to send the HTTP traffic to the back-end without Virtual server (using routing or somthing else) because i am afraid that the configuration from the TMSH desapear from the future version&nbsp;
i am planing to have the  DNSSEC, Routing, GSLB, DNS Services licences&nbsp;
best regards&nbsp;

lee_sutcliffe · Answer

Hi, as mentioned in the other thread - no need to put F5 DNS inline It can sit in a DMZ with a public IP address as a listener then when the IP is resolved it is routed out of band towards the LTM on your internal network&nbsp;
E.g.&nbsp;
1) Client DNS Query -&gt; Your edge firewall -&gt; F5 GTM in DMZ
2) Client HTTP Request -&gt; Your edge firewall (NAT) -&gt; LTM on internal network &nbsp;
Do you have restrictions preventing you having F5 DNS out of band?&nbsp;

Forum Discussion

BIG-IP DNS Routing features

1 Reply

Recent Discussions

Need advise to setup a policy on F5

Web acceleration

What are the different phases in DevOps?

Create a CSR and Key using the BigIP LTM GUI when renewing a certificate

F5 Rseries HA

Related Content

What is BIG-IP Next?

BIG-IP BGP Routing Protocol Configuration And Use Cases

SNI Routing with BIG-IP

A look on APT operations and using F5 BIG-IP features for mitigation

Getting Started with BIG-IP Next: Fundamentals