Forum Discussion

Basil_Parsley_1 (Nimbostratus)
Jan 28, 2016

GTM HA / Config synch

Guys,

RE GTM synchronization groups and GTM High Availability (HA) (Ver 11.x)

What explicitly is synchronised configuration wise in a GTM synchronization group? Is this only the bigip_gtm.conf? Can this be controlled / filtered etc.? My current assumption is not.

RE HA and failover / failback – is the GTM behaviour here documented anywhere – do we auto failback etc… What process occurs on failover – are gARPs sent on the network etc – how does this work in a multi (more than 2) unit setup e.g. how is device selection mediated.

RE GTM HA; v simple scenario - in an enterprise - single DC – DNS internal only. How does HA work on failure of a device? Is the idea that the 2 devices are identical including listener IPs, thus when the redundant device comes on line it essentially acts in the same way as the original – and therefore needs to be in the exact same hosting environment?

Finally, are there any solution (i.e. not reference) architecture documents / white papers describing how GTM mediated cross data center redundancy could be enacted?

Thanks in advance … Note am not asking anyone to be my google butler here – seems to me this topic has not been documented fully … either that or there is a mother lode document out there.

  • GTM is always active - there's no concept of failover/standby within the product - if it receives a DNS request on a listener, it will respond to it.

    The exception to this is if you have a listener configured on a floating IP address - in this case, only the BigIP which has that floating address will respond to a DNS request directed there.

    Typically each GTM would have a separate listener. The listener is actually an LTM virtual server, and is not part of the GTM configuration, so it is not present in bigip_gtm.conf.

    GTM is simply a DNS resolver. The means by which requests are sent to the GTM is beyond the control of the GTM itself - that process is just the normal DNS resolution process whereby the NS records for your domain should point to your GTMs, and the resolver round robins the response.

    In other words, if you have two GTMs, you should also have two NS entries for the domains that your GTM resolves for. Those NS entries will be configured on the parent zone, and provide resolvers with the IP addresses of the name servers that resolve for that domain. This all happens before the GTM sees the request, so it can not influence this process.

    In most cases, customers have two GTMs. Each has a listener configured in a subnet appropriate to the subnet it is connected to, and both listeners are configured as NS records. Requests are round robined by the normal DNS resolution process between both GTMs. Once either GTM in a sync group receives the query, the answer given will be consistent (ie, both GTMs would provide the same answer, regardless of which one is queried).

  • Cheers am better placed RE understanding (non) failover ;-) … ... But am miles from understanding GTM listeners reason being I have found no documentation on listeners / configuring listeners in ver 11.x ; all I have is snippets from ver 10.x and older DEVCENTRAL posts and a cursory overview in the GTM concepts doco. Suggestion I have from the links I have found is that this is under Global Traffic -> Listeners and has to be a (presumably local?) self IP. Other than the post above I have nothing suggesting these are LTM hosted IPs … Are we saying that DNS REQs hit an LTM ??? Presumably not ...

    Can we get ver 11 documentation on how to configure listeners and hopefully through this a functional understanding may flow ?

    Also there seems to be contradictory information as to ARP and listeners ... how does ARP work in this context.

    • IanB (Employee)
      A GTM listener is just a funny name for an ltm virtual server listening on udp/53 (or tcp/53) with a DNS profile attached to it.
  • OK cool I will hold that thought .... Where is it configured? and where does the IP reside / is active?

    • IanB (Employee)
      The GUI menu differs depending on what version of Big-IP you have. For 11.4.1 and below, it's under Global Traffic / Listeners. For 11.5 and later it's under DNS / Delivery / Listeners. But in either version, all it does is provide a convenient and simplified interface to creating an LTM virtual that's already associated with the correct profile. You can go into Local Traffic / Virtual Servers after creating it, and it will show up there. At that point, it's no different from any other virtual server.

      The virtual can have any address that falls within a subnet defined by one of the self-ips on the device. In other words, if you have a self-ip of 172.16.0.1/24, then your GTM listener can be any available address within that /24, including the self-ip itself.

      Once the request is received, GTM processes it in the manner defined in the DNS profile (GTM / profiles / DNS). If there are no handlers for the query, and the listener happens to also be a self-ip on the GTM, then the request is sent to the local named (bind) process.
  • Thanks – we have an understanding as to functionality. Couple more if I may –

    Like you say the listeners do not show in bigip_gtm.conf – they can however be viewed via TMSH.

    Q. What config file do these reside in ?

    Q2. What exactly is synched in GTM config synch – is this just bigip_gtm.conf . Can we 100% confirm listeners do NOT get synched in GTM config synchronisation ?

    Appreciate the help …

  • Virtual server configuration is written to bigip.conf (and is shared configuration as far as LTM HA is concerned - if you have a HA pair, that config will be replicated to the other members of the LTM device-group)

    There is no such object as a gtm listener - it's just a shortcut to creating an ltm virtual.

    Even on a dedicated GTM, with LTM unprovisioned, there's still aspects of the LTM product enabled and running, in order to provide the base that GTM sits on top of

  • Sorry to jump into the discussion ;-)

    When you say "Listener on GTM are actually the LTM virtual IP", how does it fit into the GTM provisioned and LTM unprovisioned box? I see in my environment that listener IP is listed in GTM > Servers and added as a BigIP system. Though this is also the self-ip of GTM.

    Regards

    • IanB (Employee)
      Provisioning GTM will enable the parts of the LTM product that GTM requires, even if it shows as not provisioned. There's no reason you can't have a listener defined on a self-ip, which also happens to be the self-ip that you've used to add the GTM as a server object.
  • Cheers Ian

    My understanding is increasing akin to the layers of a metaphorical onion.

    Last Q to hopefully close this off -

    Q. What exactly is synchronised in a GTM synchronization group? Would I be correct in assuming only Bigip_gtm.conf?

    Amanpreet

    Your Q is somewhat off topic and perhaps should be addressed in a separate thread.

    As per the above “Even on a dedicated GTM, with LTM unprovisioned, there's still aspects of the LTM product enabled and running, in order to provide the base that GTM sits on top of.”

    Other than the above you would probably not expect to see LTM config on a GTM system as per sol12111: Provisioning licensed BIG-IP modules

    • IanB (Employee)
      That's right, GTM sync deals with the configuration found in bigip_gtm.conf, and is synchronised entirely independently from LTM synchronisation. GTM listeners, actually being LTM virtuals, are not synchronised through GTM sync.
  • Well Ian you have earned your corn here - appreciate all the information - case closed ;-)
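
Added example (not part of the thread and not F5 code): a Python check of the layout the answers above describe. Since listeners are LTM virtuals that GTM sync does not carry, each unit needs its own listener inside one of its self-IP subnets, and each listener should be the target of an NS record. The device names, addresses and inventory layout are constructed assumptions; populate them from your own records.

```python
import ipaddress

# Constructed inventory (hypothetical names, documentation address ranges).
DEVICES = {
    "gtm-a": {"self_ips": ["192.0.2.1/24"], "listeners": ["192.0.2.53"]},
    "gtm-b": {"self_ips": ["198.51.100.1/24"], "listeners": ["203.0.113.53"]},
}
# Constructed addresses behind the NS records held in the parent zone.
NS_GLUE = {
    "ns1.gslb.example.com": "192.0.2.53",
    "ns2.gslb.example.com": "198.51.100.53",
}


def audit(devices, ns_glue):
    """Return sorted findings; an empty list means the plan is consistent."""
    findings = []
    listener_owner = {}
    for name, dev in devices.items():
        nets = [ipaddress.ip_interface(s).network for s in dev["self_ips"]]
        if not dev["listeners"]:
            # Listeners are not part of GTM sync, so each unit needs its own.
            findings.append(f"{name}: no listener defined (GTM sync will not create one)")
        for addr in dev["listeners"]:
            ip = ipaddress.ip_address(addr)
            if not any(ip in net for net in nets):
                findings.append(f"{name}: listener {addr} is outside every self-IP subnet")
            listener_owner[ip] = name
    glue_ips = set()
    for ns, addr in ns_glue.items():
        ip = ipaddress.ip_address(addr)
        glue_ips.add(ip)
        if ip not in listener_owner:
            findings.append(f"{ns}: NS address {addr} matches no listener")
    for ip, name in listener_owner.items():
        if ip not in glue_ips:
            findings.append(f"{name}: listener {ip} has no NS record pointing at it")
    return sorted(findings)


if __name__ == "__main__":
    for line in audit(DEVICES, NS_GLUE):
        print(line)
```

With the constructed data, gtm-b's listener was mistyped, so the audit reports it three ways: outside its self-IP subnet, not delegated, and an NS record pointing at nothing.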