Forum Discussion

Azzeddine_S's avatar
Jan 03, 2018

BIG-IP DNS with LTM integration

Hi all

 

i am planing to install some BIG-IP DNS with LTM-ASM as shown in the picture below ,

 

since the BIG-IP DNS can be linked to the LTM to have a full view of what happening in the back end , my question is this toplogy is conform to best practices , and more important since the VS created on the LTM will be visible on the DNS , how to deal with IP , public or private ?

 

 

hope i were clear

 

thanks

 

5 Replies

  • You can certainly use private IP addressing on the LTM, I for one would prefer this design. iQuery messages are exchanged using self IP addresses of each F5 device, these are used to provide status information, metrics etc on the downstream LTMs.

     

    The only question you need to ask, regarding public IP addressing is if your DNS/GTM listeners are public IP addresses or private. Using public is simpler, however it it totally possible to use private addressing as there exists the capability to define the NAT IP when configuring your system.

     

  • talking about iQuery with the BIG-IP DNS and the LTM , the GIB-IP DNS wil see the VS configured on the LTM with their private IPs whiche are unusable for DNS answers which take me to create VS on DNS pointing to VS on LTM as nodes

     

    you do not have to.

     

    K14707: Configuring BIG-IP DNS server objects for BIG-IP devices that reside behind a firewall NAT

     

    https://support.f5.com/csp/article/K14707

     

  • talking about iQuery with the BIG-IP DNS and the LTM , the GIB-IP DNS wil see the VS configured on the LTM with their private IPs whiche are unusable for DNS answers which take me to create VS on DNS pointing to VS on LTM as nodes

     

    you do not have to.

     

    K14707: Configuring BIG-IP DNS server objects for BIG-IP devices that reside behind a firewall NAT

     

    https://support.f5.com/csp/article/K14707