F5 Logo MyF5
Search
  1. MyF5 Home
  2. Knowledge Centers
  3. BIG-IP GTM
  4. BIG-IP Global Traffic Manager: Implementations
  5. Configuring GTM on a Network with Multiple Route Domains
Manual Chapter : Configuring GTM on a Network with Multiple Route Domains

Applies To:

Show Versions Show Versions

BIG-IP GTM

  • 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1
Manual Chapter
Table of Contents | << Previous Chapter | Next Chapter >>

Overview: How do I deploy BIG-IP GTM on a network with multiple route domains?

You can deploy BIG-IP Global Traffic Manager (GTM) on a network where BIG-IP Local Traffic Manager (LTM) systems are configured with multiple route domains and overlapping IP addresses.

Important: On a network with route domains, you must ensure that virtual server discovery (autoconf) is disabled, because virtual server discovery does not discover translation IP addresses.
CAUTION:
For BIG-IP systems that include both LTM and GTM, you can configure route domains on internal interfaces only. F5 Networks does not support the configuration of route domains on a standalone BIG-IP GTM.

The following figure shows BIG-IP GTM deployed in a network with multiple BIG-IP Local Traffic Manager (LTM) systems configured with the default route domain (zero), and two additional route domains. BIG-IP GTM can monitor the Application1 and Application2 servers that have overlapping IP addresses and reside in different route domains. The firewalls perform the required address translation between the BIG-IP GTM and BIG-IP LTM addresses; you must configure the firewalls to segment traffic and avoid improperly routing packets between route domain 1 and route domain 2.

BIG-IP GTM deployed on a network with multiple route domains BIG-IP GTM deployed on a network with multiple route domains

Before BIG-IP GTM can gather status and statistics for the virtual servers hosted on BIG-IP LTM systems on your network that are configured with route domains, you must configure the following on each BIG-IP LTM that handles traffic for route domains:

  • VLANs through which traffic for your route domains passes
  • Route domains that represent each network segment
  • Self IP addresses that represent the address spaces of the route domains

Additionally, on BIG-IP GTM you must:

  • Configure, for each route domain, a server object with virtual server discovery disabled
  • Disable virtual server discovery globally

Task summary

Perform the following tasks to configure BIG-IP GTM to monitor BIG-IP LTM systems with route domains.

Creating VLANs for a route domain on BIG-IP LTM

Create two VLANs on BIG-IP LTM through which traffic can pass to a route domain.
  1. On the Main tab, click Network > VLANs. The VLAN List screen opens.
  2. Click Create. The New VLAN screen opens.
  3. In the Name field, type external.
  4. In the Tag field, type a numeric tag, from 1-4094, for the VLAN, or leave the field blank if you want the BIG-IP system to automatically assign a VLAN tag. The VLAN tag identifies the traffic from hosts in the associated VLAN.
  5. For the Interfaces setting, from the Available list, click an interface number or trunk name and add the selected interface or trunk to the Untagged list. Repeat this step as necessary.
  6. If you want the system to verify that the return route to an initial packet is the same VLAN from which the packet originated, select the Source Check check box.
  7. Click Finished. The screen refreshes, and displays the new VLAN from the list.
Repeat this procedure, but in Step 3, name the second VLAN internal.

Creating a route domain on BIG-IP LTM

Ensure that VLANs exist on BIG-IP LTM, before you create a route domain.
You can create a route domain on a BIG-IP system to segment (isolate) network traffic on your network.
  1. On the Main tab, click Network > Route Domains. The Route Domain List screen opens.
  2. Click Create. The New Route Domain screen opens.
  3. In the ID field, type an ID number for the route domain. This ID must be unique on the BIG-IP system; that is, no other route domain on the system can have this ID.
  4. In the Description field, type a description of the route domain. For example: This route domain applies to traffic for application MyApp.
  5. For the Strict Isolation setting, select the Enabled check box to restrict traffic in this route domain from crossing into another route domain.
  6. For the Parent Name setting, retain the default value.
  7. For the VLANs setting, move the external and internal VLANs from the Available list, to the Members list. Configuring this setting ensures that the BIG-IP system immediately associates any self IP addresses pertaining to the selected VLANs with this route domain.
  8. Click Finished. The system displays a list of route domains on the BIG-IP system.
Create additional route domains based on your network configuration.

Creating a self IP address for a route domain on BIG-IP LTM

Ensure that VLANs exist on BIG-IPLTM, before you begin creating a self IP address for a route domain.
Create a self IP address on the BIG-IP system that resides in the address space of the route domain.
  1. On the Main tab, click Network > Self IPs. The Self IPs screen opens.
  2. Click Create. The New Self IP screen opens.
  3. In the Name field, type a unique name for the self IP.
  4. In the IP Address field, type an IP address. This IP address must represent a self IP address in a route domain. Use the format x.x.x.x%n, where n is the route domain ID, for example, 10.1.1.1%1. The system accepts IPv4 and IPv6 addresses.
  5. In the Netmask field, type the network mask for the specified IP address.
  6. From the VLAN/Tunnel list, select the VLAN that you assigned to the route domain that contains this self IP address.
  7. From the Port Lockdown list, select Allow Default.
  8. Click Finished. The screen refreshes, and displays the new self IP address.
Create additional self IP addresses based on your network configuration.

Disabling auto-discovery at the global-level on BIG-IP GTM

On BIG-IP GTM, disable auto-discovery at the global-level.
  1. On the Main tab, click DNS > Settings > GSLB > General. The general Configuration screen opens.
  2. Clear the Auto-Discover check box.
  3. Click Update.

Defining a server for a route domain on BIG-IP GTM

Ensure that at least one data center exists in the configuration.
On BIG-IP GTM, define a server that represents the route domain.
  1. On the Main tab, click DNS > GSLB > Servers. The Server List screen opens.
  2. Click Create. The New Server screen opens.
  3. In the Name field, type a name for the server.
    Important: Server names are limited to 63 characters.
  4. From the Product list, select either BIG-IP System (Single) or BIG-IP System (Redundant). The server type determines the metrics that the system can collect from the server.
  5. In the Address List area, add the self IP address that you assigned to the VLAN that you assigned to the route domain.
    Important: Do not include the route domain ID in this IP address. Use the format x.x.x.x, for example, 10.10.10.1.
  6. From the Data Center list, select the data center where the server resides.
  7. From the Prober Pool list, select one of the following.
    Option Description
    Inherit from Data Center By default, a server inherits the Prober pool assigned to the data center in which the server resides.
    Prober pool name Select the Prober pool that contains the BIG-IP systems that you want to perform monitor probes of this server.
    Note: The selected Prober pool must reside in the same route domain as the servers you want the pool members to probe.
  8. In the Health Monitors area, assign the bigip monitor to the server by moving it from the Available list to the Selected list.
  9. From the Virtual Server Discovery list, select Disabled.
  10. Click Create. The New Server screen opens.

Implementation result

You now have an implementation in which BIG-IP GTM monitors BIG-IP LTM virtual servers on the various route domains in your network.

Table of Contents | << Previous Chapter | Next Chapter >>
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5 Networks, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information