DNSServices Class1
DNS Services
F5 Networks, Inc.
Contents:
1 Lab Environment
2 Class 1 - Intro to GSLB
3 Credits
1 Lab Environment
2 Class 1 - Intro to GSLB
• Students will configure F5 DNS servers to support GSLB services on a single device in site1.
• Join an additional F5 DNS server in site2 to the GSLB cluster.
• An internal group of DNS servers is authoritative for the zone example.com and contains a static A record for “www.example.com”, which resolves to 203.0.113.9.
• Students will add glue records and delegate gslb.example.com to the F5 GSLB DNS servers.
• Convert the A record “www.example.com” to a CNAME record pointing to www.gslb.example.com.
At the end of the lab students will have configured F5 GSLB DNS servers to alternately resolve www.example.com to 203.0.113.9 and 198.51.100.41.
2.1 Settings
A site-specific sync group name will be created, and synchronization will be enabled. Every BIG-IP DNS device in the group replicates its GSLB configuration to the other members, so a change made on any one of them reaches all of them; administrative access to each member should therefore be controlled equally tightly.
Navigate to: DNS ›› Settings : GSLB : General
Configure the global settings for GSLB according to the following table:
Setting Value
Synchronize checked
Group Name EXAMPLE_group
Synchronize DNS Zone Files checked
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/dns/settings/gslb/properties_general.jsp
TMSH
tmsh modify gtm global-settings general synchronization yes synchronization-group-name EXAMPLE_group synchronize-zone-files yes
https://support.f5.com/csp/article/K13734
https://support.f5.com/kb/en-us/products/big-ip-dns/manuals/product/bigip-dns-implementations-12-0-0/4.html
2.2 Listeners
A listener object is a specialized virtual server that is configured to respond to DNS queries.
We will be creating both TCP- and UDP-based listeners. Ordinary queries arrive over UDP, but a resolver retries over TCP when a UDP response is truncated, and zone transfers use TCP only, so an authoritative name server needs both transports on the same address.
2.2.1 Logging
Configure DNS query and response logging. Create a “Log Publisher” and a “Logging Profile”.
Note: It is required to complete the following task on both gtm1.site1 and gtm1.site2
1. Navigate to: System ›› Logs : Configuration : Log Publishers
Setting Value
Name local-syslog-publisher
Destinations local-syslog
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/system/log/create_publisher.jsp
https://gtm1.site2.example.com/tmui/Control/jspmap/tmui/system/log/create_publisher.jsp
On both gtm1.site1 and gtm1.site2 run the following command:
TMSH
tmsh create sys log-config publisher local-syslog-publisher { destinations { local-syslog { } } }
2. Navigate to: DNS > Delivery > Profiles > Other > DNS Logging: Create
Create a new DNS logging profile as shown in the table below.
Setting Value
Name example_dns_logging_profile
Log Publisher local-syslog-publisher
Log Responses enabled
Include Query ID enabled
Logging the query ID lets each response line be matched to the query line that produced it, which is what makes it possible to reconstruct exactly what a given LDNS was told when investigating a complaint or a suspected poisoning attempt.
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/dns/profile/dns_log/create.jsp
https://gtm1.site2.example.com/tmui/Control/jspmap/tmui/dns/profile/dns_log/create.jsp
TMSH command for both gtm1.site1 and gtm1.site2:
TMSH
tmsh create ltm profile dns-logging example_dns_logging_profile enable-response-logging yes include-query-id yes log-publisher local-syslog-publisher
https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-external-monitoring-implementations-12-0-0/5.html
Note: It is required to complete the following task on both gtm1.site1 and gtm1.site2
Navigate to: DNS > Delivery > Profiles > DNS: Create
Create a new DNS profile as shown in the following table.
Setting Value
Name example.com_dns_profile
Unhandled Query Action Drop
Use BIND Server on BIG-IP Disabled
Logging Enabled
Logging Profile example_dns_logging_profile
AVR statistics Sample Rate Enabled, 1/1 queries sampled
With “Unhandled Query Action” set to Drop and the local BIND server disabled, the listener answers only for the Wide IPs that GSLB knows about; any other query is silently discarded instead of being forwarded or handed to BIND. That keeps the listener from behaving as an open resolver, but it also means a query for a name that is not a Wide IP gets no response at all rather than an NXDOMAIN, which is worth remembering when troubleshooting in section 2.7.
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/dns/profile/dns/create.jsp
https://gtm1.site2.example.com/tmui/Control/jspmap/tmui/dns/profile/dns/create.jsp
TMSH command for both gtm1.site1 and gtm1.site2:
TMSH
tmsh create ltm profile dns example.com_dns_profile use-local-bind no unhandled-query-action drop log-profile example_dns_logging_profile enable-logging yes avr-dnsstat-sample-rate 1
https://support.f5.com/csp/article/K14510
Note: It is required to complete the following task on both gtm1.site1 and gtm1.site2
Create a new UDP profile as shown in the following table.
Setting Value
Name example.com_udp-dns_profile
Parent Profile udp_gtm_dns
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/dns/profile/udp/create.jsp
https://gtm1.site2.example.com/tmui/Control/jspmap/tmui/dns/profile/udp/create.jsp
TMSH command for both gtm1.site1 and gtm1.site2:
TMSH
tmsh create ltm profile udp example.com_udp-dns_profile defaults-from udp_gtm_dns
Note: It is required to complete the following task on both gtm1.site1 and gtm1.site2
Create a new TCP profile as shown in the following table.
Setting Value
Name example.com_tcp-dns_profile
Parent Profile f5-tcp-wan
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/dns/profile/tcp/create.jsp
https://gtm1.site2.example.com/tmui/Control/jspmap/tmui/dns/profile/tcp/create.jsp
TMSH command for both gtm1.site1 and gtm1.site2:
TMSH
tmsh create ltm profile tcp example.com_tcp-dns_profile defaults-from tcp-wan-optimized
Note: The GUI table names f5-tcp-wan as the parent profile while the tmsh command uses tcp-wan-optimized. Both are built-in WAN-tuned TCP profiles; pick one and use the same parent on both devices so the two TCP listeners behave identically.
Note: It is required to complete the following task on both gtm1.site1 and gtm1.site2
Navigate to: DNS ›› Delivery : Listeners : Listener List
Create a UDP listener according to the following table. The listener addresses are the ones that section 2.6 publishes as ns1.example.com and ns2.example.com, so they must be reachable from the internal DNS servers and from any resolver that is expected to follow the delegation.
Setting Value
Name isp1_site1_ns1.example.com_udp_53_virtual (gtm1.site1) / isp1_site2_ns2.example.com_udp_53_virtual (gtm1.site2)
Destination 203.0.113.8 (gtm1.site1) / 198.51.100.40 (gtm1.site2)
Service Port 53
Protocol UDP
DNS Profile example.com_dns_profile
UDP Profile example.com_udp-dns_profile
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/dns/listener/create.jsp
https://gtm1.site2.example.com/tmui/Control/jspmap/tmui/dns/listener/create.jsp
gtm1.site1 TMSH command:
TMSH
tmsh create gtm listener isp1_site1_ns1.example.com_udp_53_virtual address 203.0.113.8 ip-protocol udp mask 255.255.255.255 port 53 profiles add { example.com_dns_profile example.com_udp-dns_profile }
gtm1.site2 TMSH command:
TMSH
tmsh create gtm listener isp1_site2_ns2.example.com_udp_53_virtual address 198.51.100.40 ip-protocol udp mask 255.255.255.255 port 53 profiles add { example.com_dns_profile example.com_udp-dns_profile }
https://support.f5.com/csp/article/K14923
Note: It is required to complete the following task on both gtm1.site1 and gtm1.site2
Create a TCP listener on the same address and port, with the TCP profile in place of the UDP profile:
Setting Value
Name isp1_site1_ns1.example.com_tcp_53_virtual (gtm1.site1) / isp1_site2_ns2.example.com_tcp_53_virtual (gtm1.site2)
Destination 203.0.113.8 (gtm1.site1) / 198.51.100.40 (gtm1.site2)
Service Port 53
Protocol TCP
DNS Profile example.com_dns_profile
TCP Profile example.com_tcp-dns_profile
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/dns/listener/create.jsp
https://gtm1.site2.example.com/tmui/Control/jspmap/tmui/dns/listener/create.jsp
gtm1.site1 TMSH command:
TMSH
tmsh create gtm listener isp1_site1_ns1.example.com_tcp_53_virtual address 203.0.113.8 ip-protocol tcp mask 255.255.255.255 port 53 profiles add { example.com_dns_profile example.com_tcp-dns_profile }
gtm1.site2 TMSH command:
TMSH
tmsh create gtm listener isp1_site2_ns2.example.com_tcp_53_virtual address 198.51.100.40 ip-protocol tcp mask 255.255.255.255 port 53 profiles add { example.com_dns_profile example.com_tcp-dns_profile }
https://support.f5.com/csp/article/K14923
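The following is an added example and is not part of the F5 lab or any F5 code. It shows the two message framings that the UDP and TCP listeners above accept and why a name server needs both: it builds a wire-format query for www.example.com, parses a constructed reply carrying the CNAME to www.gslb.example.com plus the GSLB A answer (the combined answer a recursive resolver assembles after following the delegation), and applies the resolver-side rules that matter for security: a reply is discarded unless its 16-bit ID matches the randomized query ID, and a reply with the TC bit set is retried over TCP with the two-byte length prefix. All replies are constructed locally; nothing is sent on the network, and the TTLs and the truncated first reply are assumptions made for the demonstration.

```python
import secrets
import struct

# Added example (not F5 code): DNS wire format as the UDP and TCP listeners see it.
# Names, addresses and every "reply" below are constructed for illustration.

def encode_name(name):
    """Encode a dotted name as length-prefixed labels (RFC 1035 section 3.1)."""
    out = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split("."))
    return out + b"\x00"

def build_query(qname, qtype=1, qid=None):
    """One-question query with RD set; the 16-bit ID is randomized, as a resolver should do."""
    qid = secrets.randbits(16) if qid is None else qid
    return struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0) + encode_name(qname) + struct.pack("!HH", qtype, 1)

def frame_for_tcp(msg):
    """DNS over TCP (what the *_tcp_53_virtual listener reads) prefixes each message with its length."""
    return struct.pack("!H", len(msg)) + msg

def parse_header(msg):
    qid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    return {"id": qid, "qr": bool(flags & 0x8000), "aa": bool(flags & 0x0400),
            "tc": bool(flags & 0x0200), "rcode": flags & 0xF, "qdcount": qd, "ancount": an}

def read_name(msg, off):
    """Decode a possibly compressed name; returns (name, offset just past it in the stream)."""
    labels, end, jumped = [], None, False
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                       # compression pointer to an earlier name
            if not jumped:
                end = off + 2
            off, jumped = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF, True
            continue
        off += 1
        if length == 0:
            return ".".join(labels) + ".", (off if not jumped else end)
        labels.append(msg[off:off + length].decode("ascii"))
        off += length

def parse_answers(msg):
    """Return (header, [(owner, type, ttl, value)]) for the answer section of a message."""
    hdr, off = parse_header(msg), 12
    for _ in range(hdr["qdcount"]):
        off = read_name(msg, off)[1] + 4                # skip QNAME, QTYPE, QCLASS
    answers = []
    for _ in range(hdr["ancount"]):
        owner, off = read_name(msg, off)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        if rtype == 1:                                  # A
            value = ".".join(str(b) for b in rdata)
        elif rtype == 5:                                # CNAME: RDATA is itself a name
            value = read_name(msg, off)[0]
        else:
            value = rdata.hex()
        off += rdlen
        answers.append((owner, rtype, ttl, value))
    return hdr, answers

def build_response(query, rrs, truncated=False):
    """Constructed authoritative reply: echoes the question; a truncated reply sets TC and carries no answers."""
    qid, _, qd = struct.unpack("!HHH", query[:6])
    flags = 0x8400 | (0x0200 if truncated else 0)       # QR, AA (+TC)
    body = b"".join(encode_name(n) + struct.pack("!HHIH", t, 1, ttl, len(rd)) + rd
                    for n, t, ttl, rd in ([] if truncated else rrs))
    return struct.pack("!HHHHHH", qid, flags, qd, 0 if truncated else len(rrs), 0, 0) + query[12:] + body

def choose_transport(udp_reply, expected_id):
    """Resolver-side decision: drop a reply whose ID does not match, retry over TCP when TC is set."""
    hdr = parse_header(udp_reply)
    if hdr["id"] != expected_id or not hdr["qr"]:
        return "discard"
    return "retry-tcp" if hdr["tc"] else "accept"

def resolve_www(qid=0x1234):
    """Walk the lab's chain: www.example.com CNAME www.gslb.example.com, then the GSLB A answer."""
    query = build_query("www.example.com", qid=qid)
    rrs = [("www.example.com", 5, 300, encode_name("www.gslb.example.com")),
           ("www.gslb.example.com", 1, 30, bytes([203, 0, 113, 9]))]
    udp_reply = build_response(query, rrs, truncated=True)   # constructed: pretend it did not fit in UDP
    if choose_transport(udp_reply, qid) == "retry-tcp":
        framed = frame_for_tcp(query)
        length = struct.unpack("!H", framed[:2])[0]       # the TCP listener reads exactly this many bytes
        return parse_answers(build_response(framed[2:2 + length], rrs))[1]
    return parse_answers(udp_reply)[1]
```

The ID check is the reason the logging profile's "Include Query ID" option matters: a logged response can only be tied to its query through that field, and an unsolicited response whose ID matches nothing outstanding is exactly what a resolver must throw away.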
2.3 Datacenters
Navigate to: DNS > GSLB > Data Centers > Data Center List: Create
https://gtm1.site1.example.com/tmui/Control/jspmap/xsl/gtm_dc/list
Create two data centers according to the table below:
Setting Value
Name site1_datacenter
Name site2_datacenter
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/globallb/data_center/create.jsp
TMSH commands for gtm1.site1 only (gtm1.site2 receives the GSLB configuration when it joins the sync group in section 2.3.3):
TMSH
tmsh create gtm datacenter site1_datacenter
TMSH
tmsh create gtm datacenter site2_datacenter
2.3.1 Servers
Navigate to: DNS ›› GSLB : Servers : Server List
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/globallb/server/list.jsp
2.3.1.1 gtm1.site1
All GTM devices need to be defined. Create a server object for gtm1.site1.
1. Click “Create” to define gtm1.site1 as described in the table below:
Setting Value
Name gtm1.site1_server
Data Center site1_datacenter
Devices Add: gtm1.site1.example.com : 203.0.113.7
Health Monitors bigip
2. Click the “Add” button to define IP addresses
3. Complete the form and associate the “bigip” “Health Monitor”
The bigip monitor does not probe a service port; it reads the device's status over the iQuery channel (TCP 4353), so the server only shows as available once the certificate exchange in section 2.3.2 has been completed.
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/globallb/server/create.jsp
TMSH
tmsh create gtm server gtm1.site1_server datacenter site1_datacenter devices add { gtm1.site1.example.com { addresses add { 203.0.113.7 } } } monitor bigip product bigip
2.3.1.2 gtm1.site2
All GTM devices need to be defined. Create a server object for gtm1.site2.
1. Click “Create” to define gtm1.site2 as described in the table below:
Setting Value
Name gtm1.site2_server
Data Center site2_datacenter
Devices Add: gtm1.site2.example.com : 198.51.100.39
Health Monitors bigip
2. Click the “Add” button to define IP addresses
3. Complete the form and associate the “bigip” “Health Monitor”
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/globallb/server/create.jsp
TMSH
tmsh create gtm server gtm1.site2_server datacenter site2_datacenter devices add { gtm1.site2.example.com { addresses add { 198.51.100.39 } } } monitor bigip product bigip
2.3.1.3 site1_ha-pair
LTM devices need to be defined. Create a server object for the bigip1.site1 and bigip2.site1 HA pair.
Setting Value
Name site1_ha-pair
Data Center site1_datacenter
Devices Add: bigip1.site1.example.com : 203.0.113.5
Devices Add: bigip2.site1.example.com : 203.0.113.6
Health Monitors bigip
Virtual Server Discovery Enabled
Link Discovery Enabled
1. Click “Create” to define the HA pair as described in the table above.
2. Click the “Add” button to define IP addresses
3. Click “Add” again to define the other BIG-IP in the HA pair.
4. Click the “Add” button to define IP addresses
5. Complete the form and associate the “bigip” “Health Monitor”
6. Make sure to enable both “Virtual Server” and “Link” discovery
Virtual server discovery lets the DNS server learn the LTM virtual servers over iQuery instead of having them defined by hand; the pool members referenced in section 2.4 are found this way. Link discovery is what the ISP failure test in section 2.9 relies on. Both mean that whatever is configured on the LTM pair shows up in GSLB automatically, so the LTM devices' configuration must be trusted to the same degree as the DNS servers' own.
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/globallb/server/create.jsp
TMSH
tmsh create gtm server site1_ha-pair datacenter site1_datacenter devices add { bigip1.site1.example.com { addresses add { 203.0.113.5 { } } } bigip2.site1.example.com { addresses add { 203.0.113.6 { } } } } link-discovery enabled monitor bigip product bigip virtual-server-discovery enabled
2.3.1.4 site2_ha-pair
LTM devices need to be defined. Create a server object for the bigip1.site2 and bigip2.site2 HA pair.
Setting Value
Name site2_ha-pair
Data Center site2_datacenter
Devices Add: bigip1.site2.example.com : 198.51.100.37
Devices Add: bigip2.site2.example.com : 198.51.100.38
Health Monitors bigip
Virtual Server Discovery Enabled
Link Discovery Enabled
1. Click “Create” to define the HA pair as described in the table above.
2. Click the “Add” button to define IP addresses
3. Click “Add” again to define the other BIG-IP in the HA pair.
4. Click the “Add” button to define IP addresses
5. Complete the form and associate the “bigip” “Health Monitor”
6. Make sure to enable both “Virtual Server” and “Link” discovery
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/globallb/server/create.jsp
TMSH
tmsh create gtm server site2_ha-pair datacenter site2_datacenter devices add { bigip1.site2.example.com { addresses add { 198.51.100.37 { } } } bigip2.site2.example.com { addresses add { 198.51.100.38 { } } } } link-discovery enabled monitor bigip product bigip virtual-server-discovery enabled
2.3.2 Device Trust
The F5 DNS servers and the LTM devices they monitor must exchange SSL certificates before iQuery communication (health monitoring, discovery and configuration synchronization) is trusted. The bigip_add script is run from the bash shell on gtm1.site1; with no arguments it works through every BIG-IP defined as a server object, connects to each one over SSH, prompts for that device's root password, and exchanges the iQuery certificates.
TMSH
bigip_add
The exchanged certificates can be reviewed afterwards. Navigate to: DNS ›› GSLB : Servers : Trusted Server Certificates
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/locallb/ssl_certificate/properties.jsp?certificate_name=server&store=iquery
2.3.3 Sync Group
After the BIG-IP DNS server in datacenter 2 is joined to the sync group, administrators may make changes on either F5 DNS server. Changes will be automatically replicated across all F5 DNS servers.
Launch PuTTY and log in to gtm1.site2.
Run the following command, naming gtm1.site1 (203.0.113.7) as the existing member. Enter the password “default” when prompted, and answer “y” to allow the BIG-IP to join the mesh.
TMSH
gtm_add 203.0.113.7
Note: gtm_add is run on the device that is joining (gtm1.site2), not on the existing member. It replaces the local GSLB configuration with a copy pulled from the device named on the command line, so running it on the wrong device wipes out the configuration built so far. The password it asks for is the root password of the device named on the command line (“default” in this lab).
2.4 Pools
LTM virtual server objects are grouped together into GTM pools.
Navigate to: DNS ›› GSLB : Pools : Pool List
Create a pool of LTM virtual servers according to the following table. The members were learned through virtual server discovery on the two HA-pair server objects, which is why tmsh refers to them by server name with a /Common/ prefix.
Setting Value
Name www.example.com_pool
Type A
Member isp1_site1_www.example.com_tcp_https_virtual
Member isp2_site2_www.example.com_tcp_https_virtual
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/globallb/pool/create.jsp
TMSH command to run on only gtm1.site1:
TMSH
tmsh create gtm pool a www.example.com_pool { members add { site1_ha-pair:/Common/isp1_site1_www.example.com_tcp_https_virtual { member-order 0 } site2_ha-pair:/Common/isp2_site2_www.example.com_tcp_https_virtual { member-order 1 } } }
2.5 FQDN
Navigate to: DNS ›› GSLB : Wide IPs : Wide IP List
Create a Wide IP, the FQDN that the GSLB listeners will answer for, according to the following table:
Setting Value
Name www.gslb.example.com
Type A
Pool www.example.com_pool
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/globallb/wideip/list.jsp
TMSH command to run on only gtm1.site1:
TMSH
tmsh create gtm wideip a www.gslb.example.com { pools add { www.example.com_pool { order 0 } } }
2.6 Delegation
Log in to the DNS server from the jumpbox (username: user, password: Agility1) and open the DNS management UI.
2.6.1 A Records
Create host (A) records for the two GSLB name servers. These are the addresses of the UDP and TCP listeners created in section 2.2:
Setting Value
ns1 203.0.113.8
ns2 198.51.100.40
1. Expand “Forward Lookup Zones”, right click on EXAMPLE.COM and select “New Host”
2.6.2 Delegation
1. Create the “gslb” subdomain by starting a new delegation on EXAMPLE.COM.
2. Step through the Delegation Wizard. Add “ns1.example.com - 203.0.113.8”
3. Also add “ns2.example.com - 198.51.100.40”
4. Make sure both ns1.example.com and ns2.example.com are added. With only one name server in the delegation there is no redundancy, and the failover test in section 2.7 cannot succeed once that site's interfaces are disabled.
5. Click “Finish”
2.6.3 CNAME
1. Make sure “Forward Lookup Zones” and “EXAMPLE.COM” are expanded. Right click on “www”, and select delete. The existing A record has to go first: a name that owns a CNAME may hold no other records (RFC 1034 section 3.6.2).
2. Right click on “EXAMPLE.COM”, and select “New Alias (CNAME)”
3. Add “www - www.gslb.example.com”
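As an added example, not part of the F5 lab and not a Microsoft or F5 tool, the check below reads a zone-file rendering of the example.com records the delegation steps above produce and flags the two mistakes those steps guard against: a delegation whose in-zone name server (ns1 or ns2.example.com) has no address record, which leaves the delegation lame, and a www name that still owns an A record next to the new CNAME. The zone text is constructed to mirror the lab; the internal server name ns-int.example.com and its address 203.0.113.2 are assumptions, and the parser only understands the one-line "owner IN TYPE rdata" form used here.

```python
from collections import defaultdict

# Added example (not F5 code): sanity checks on the parent zone after the delegation steps.
# The zone text is constructed to mirror the records the lab creates; ns-int.example.com
# and 203.0.113.2 are assumed values for the internal authoritative server.

def qualify(name, origin):
    """Turn a zone-file owner or target into a fully qualified, dot-terminated name."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin="example.com."):
    """Minimal parser for one-line 'owner IN TYPE rdata' records plus $ORIGIN; returns (owner, type, rdata)."""
    records = []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()          # drop comments and blank lines
        if not line:
            continue
        if line.startswith("$ORIGIN"):
            origin = line.split()[1]
            continue
        owner, cls, rtype, rdata = line.split(None, 3)
        if cls.upper() != "IN":
            raise ValueError(f"unsupported class in: {raw}")
        rtype = rtype.upper()
        if rtype in ("NS", "CNAME"):                  # name-valued RDATA gets qualified too
            rdata = qualify(rdata.strip(), origin)
        records.append((qualify(owner, origin), rtype, rdata.strip()))
    return records

def check_delegation(records, origin="example.com."):
    """Return a list of problems that would make the gslb delegation or the www CNAME misbehave."""
    rrsets = defaultdict(lambda: defaultdict(set))
    for owner, rtype, rdata in records:
        rrsets[owner][rtype].add(rdata)
    problems = []
    for owner, types in list(rrsets.items()):
        # RFC 1034 section 3.6.2: a CNAME owner may hold no other data, hence deleting www's A record first.
        if "CNAME" in types and len(types) > 1:
            others = sorted(t for t in types if t != "CNAME")
            problems.append(f"{owner} has CNAME alongside {others}")
        if owner == origin or "NS" not in types:
            continue                                  # only delegation points below the apex from here on
        if len(types["NS"]) < 2:
            problems.append(f"{owner} is delegated to a single name server")
        for ns in sorted(types["NS"]):
            # An NS name inside this zone (ns1/ns2.example.com) needs an address record here,
            # otherwise resolvers following the delegation have nowhere to send the query.
            addrs = rrsets.get(ns, {})
            if ns.endswith("." + origin) and not (addrs.get("A") or addrs.get("AAAA")):
                problems.append(f"{owner} NS {ns} has no A/AAAA record in {origin}")
    return problems

GOOD_ZONE = """\
$ORIGIN example.com.
@      IN NS    ns-int.example.com.      ; internal authoritative server (assumed name)
ns-int IN A     203.0.113.2              ; assumed address
ns1    IN A     203.0.113.8              ; gtm1.site1 UDP/TCP listener
ns2    IN A     198.51.100.40            ; gtm1.site2 UDP/TCP listener
gslb   IN NS    ns1.example.com.
gslb   IN NS    ns2.example.com.
www    IN CNAME www.gslb.example.com.
"""

# The same zone with two of the mistakes the lab steps warn about: the ns2 host record was
# never created, and www's A record was not deleted before the CNAME was added.
BAD_ZONE = """\
$ORIGIN example.com.
@      IN NS    ns-int.example.com.
ns-int IN A     203.0.113.2
ns1    IN A     203.0.113.8
gslb   IN NS    ns1.example.com.
gslb   IN NS    ns2.example.com.
www    IN A     203.0.113.9
www    IN CNAME www.gslb.example.com.
"""

def audit(zone_text):
    """Parse and check a zone rendering; an empty list means the delegation looks sound."""
    return check_delegation(parse_zone(zone_text))
```

The same check is worth running against the real zone (exported from the Windows DNS server or pulled with a zone transfer from an address that is allowed to do one) whenever the delegation or the listener addresses change.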
2.7 Results
2. Observe Wide IP statistics on gtm1.site1: Statistics ›› Module Statistics : DNS : GSLB ›› Wide IPs : www.gslb.example.com : A
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/globallb/stats/wideip/stats_detail.jsp?name=%2FCommon%2Fwww.gslb.example.com&type=1&identity=www.gslb.example.com+%3A+A
TMSH
tmsh show gtm wideip a www.gslb.example.com
3. Observe Wide IP statistics on gtm1.site2: Statistics ›› Module Statistics : DNS : GSLB ›› Wide IPs : www.gslb.example.com : A
https://gtm1.site2.example.com/tmui/Control/jspmap/tmui/globallb/stats/wideip/stats_detail.jsp?name=%2FCommon%2Fwww.gslb.example.com&type=1&identity=www.gslb.example.com+%3A+A
4. Disable physical interfaces on gtm1.site2:
https://gtm1.site2.example.com/tmui/Control/form?__handler=/tmui/locallb/network/interface/list&__source=disable&__linked=false&__fromError=false
TMSH command to run on only gtm1.site2:
TMSH
tmsh modify net interface all disabled
5. Refresh statistics on gtm1.site1 and make sure DNS requests are still resolving. Resolvers that were using ns2 time out and retry against ns1, which is why the delegation in section 2.6 needs both name servers.
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/globallb/stats/wideip/stats_detail.jsp?name=%2FCommon%2Fwww.gslb.example.com&type=1&identity=www.gslb.example.com+%3A+A
6. Re-enable interfaces on gtm1.site2, disable interfaces on gtm1.site1. Observe statistics on gtm1.site2 and make sure DNS requests are still resolving.
TMSH command to run on only gtm1.site2:
TMSH
tmsh modify net interface all enabled
7. Observe pool statistics on gtm1.site1: Statistics ›› Module Statistics : DNS : GSLB ›› Pools : www.example.com_pool : A
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/globallb/stats/pool/stats_detail.jsp?name=%2FCommon%2Fwww.example.com_pool&pool_type=1&identity=www.example.com_pool+%3A+A
TMSH
tmsh show gtm pool a www.example.com_pool
8. Using PuTTY, ssh into gtm1.site1 and run the following command from the bash shell to watch the query and response lines that the logging profile from section 2.2.1 writes through the local-syslog publisher:
TMSH
tail -f /var/log/ltm
2.8 Persistence
Modify the GSLB configuration so that LDNS servers continually receive the same DNS answer. Persistence is keyed on the source address of the querying LDNS, so every client behind that resolver is pinned to the same site until the persistence record expires.
1. On gtm1.site1 navigate to: DNS ›› GSLB : Wide IPs : Wide IP List ›› www.gslb.example.com
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/globallb/wideip/list.jsp
2. Click into the “Pools” tab:
https://gtm1.site1.example.com/tmui/Control/jspmap/tmui/globallb/wideip/pools.jsp?name=%2FCommon%2Fwww.gslb.example.com&type=1&identity=www.gslb.example.com
3. Enable Persistence
TMSH
tmsh modify gtm wideip a www.gslb.example.com persistence enabled
Persistence records can be listed with:
TMSH
tmsh show gtm persist
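Sections 2.7 and 2.8 both ask you to confirm from the device what each LDNS was told: alternating answers before persistence, one fixed answer per LDNS after it. The script below is an added example, not F5 code, that does that from the query/response log the logging profile writes. It pairs each response with its query on (query ID, client), which is what "Include Query ID" makes possible, ignores responses that match no outstanding query, reports queries that never got a response (what "Unhandled Query Action: Drop" produces for names that are not Wide IPs), and then classifies each LDNS's answer sequence as round robin or sticky. The sample lines are constructed, and their field layout only approximates the format BIG-IP DNS emits to /var/log/ltm; treat the two regular expressions as an assumption to adjust against your own device's output.

```python
import re
from collections import defaultdict

# Added example (not F5 code). SAMPLE_LOG is constructed; its layout approximates the
# query/response records a DNS logging profile with "Log Responses" and "Include Query ID"
# writes via local-syslog. Adjust QUERY_RE / RESP_RE to what your device actually emits.
# Client 192.0.2.10 queries four times before persistence (round robin), 192.0.2.30 asks for a
# name that is not a Wide IP (dropped, no response), a stray response with qid 9999 matches no
# query, and 192.0.2.20 queries three times after persistence was enabled (always site2).
SAMPLE_LOG = """\
Jun  8 10:15:01 gtm1.site1 info tmm[9121]: qid 17334 from 192.0.2.10#51234: view none: query: www.gslb.example.com IN A (203.0.113.8%0)
Jun  8 10:15:01 gtm1.site1 info tmm[9121]: qid 17334 to 192.0.2.10#51234: [NOERROR qr,aa,rd] response: www.gslb.example.com. 30 IN A 203.0.113.9;
Jun  8 10:15:03 gtm1.site1 info tmm[9121]: qid 17335 from 192.0.2.10#51240: view none: query: www.gslb.example.com IN A (203.0.113.8%0)
Jun  8 10:15:03 gtm1.site1 info tmm[9121]: qid 17335 to 192.0.2.10#51240: [NOERROR qr,aa,rd] response: www.gslb.example.com. 30 IN A 198.51.100.41;
Jun  8 10:15:05 gtm1.site1 info tmm[9121]: qid 17336 from 192.0.2.10#51251: view none: query: www.gslb.example.com IN A (203.0.113.8%0)
Jun  8 10:15:05 gtm1.site1 info tmm[9121]: qid 17336 to 192.0.2.10#51251: [NOERROR qr,aa,rd] response: www.gslb.example.com. 30 IN A 203.0.113.9;
Jun  8 10:15:07 gtm1.site1 info tmm[9121]: qid 17337 from 192.0.2.10#51260: view none: query: www.gslb.example.com IN A (203.0.113.8%0)
Jun  8 10:15:07 gtm1.site1 info tmm[9121]: qid 17337 to 192.0.2.10#51260: [NOERROR qr,aa,rd] response: www.gslb.example.com. 30 IN A 198.51.100.41;
Jun  8 10:15:09 gtm1.site1 info tmm[9121]: qid 2201 from 192.0.2.30#4455: view none: query: mail.gslb.example.com IN A (203.0.113.8%0)
Jun  8 10:15:10 gtm1.site1 info tmm[9121]: qid 9999 to 192.0.2.10#51300: [NOERROR qr,aa,rd] response: www.gslb.example.com. 30 IN A 203.0.113.9;
Jun  8 10:31:02 gtm1.site1 info tmm[9121]: qid 5001 from 192.0.2.20#60001: view none: query: www.gslb.example.com IN A (203.0.113.8%0)
Jun  8 10:31:02 gtm1.site1 info tmm[9121]: qid 5001 to 192.0.2.20#60001: [NOERROR qr,aa,rd] response: www.gslb.example.com. 30 IN A 198.51.100.41;
Jun  8 10:31:04 gtm1.site1 info tmm[9121]: qid 5002 from 192.0.2.20#60002: view none: query: www.gslb.example.com IN A (203.0.113.8%0)
Jun  8 10:31:04 gtm1.site1 info tmm[9121]: qid 5002 to 192.0.2.20#60002: [NOERROR qr,aa,rd] response: www.gslb.example.com. 30 IN A 198.51.100.41;
Jun  8 10:31:06 gtm1.site1 info tmm[9121]: qid 5003 from 192.0.2.20#60003: view none: query: www.gslb.example.com IN A (203.0.113.8%0)
Jun  8 10:31:06 gtm1.site1 info tmm[9121]: qid 5003 to 192.0.2.20#60003: [NOERROR qr,aa,rd] response: www.gslb.example.com. 30 IN A 198.51.100.41;
"""

QUERY_RE = re.compile(r"qid (?P<qid>\d+) from (?P<client>[\d.]+)#\d+: .*?query: (?P<qname>\S+) IN (?P<qtype>\S+)")
RESP_RE = re.compile(r"qid (?P<qid>\d+) to (?P<client>[\d.]+)#\d+: \[(?P<rcode>\w+)[^\]]*\] response: (?P<rrs>.*)")
A_RE = re.compile(r"\S+ \d+ IN A (\d+(?:\.\d+){3})")

def correlate(log_text):
    """Pair each response with its query on (query ID, client); returns (answered, unanswered)."""
    pending, answered = {}, []
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if m:
            pending[(m["qid"], m["client"])] = {"client": m["client"], "qname": m["qname"], "qtype": m["qtype"]}
            continue
        m = RESP_RE.search(line)
        if not m:
            continue
        q = pending.pop((m["qid"], m["client"]), None)
        if q is None:
            continue            # no query with this ID for this client: stale or spoofed, not counted
        q["rcode"], q["answers"] = m["rcode"], A_RE.findall(m["rrs"])
        answered.append(q)
    return answered, list(pending.values())

def answers_by_ldns(answered, qname):
    """First A record returned to each LDNS for qname, in the order the responses were logged."""
    seqs = defaultdict(list)
    for q in answered:
        if q["qname"] == qname and q["qtype"] == "A" and q["rcode"] == "NOERROR" and q["answers"]:
            seqs[q["client"]].append(q["answers"][0])
    return dict(seqs)

def is_round_robin(seq, members):
    """Every member was handed out and no two consecutive answers match: what 2.7 expects."""
    return set(seq) == set(members) and all(a != b for a, b in zip(seq, seq[1:]))

def is_sticky(seq):
    """A single answer for the whole sequence: what 2.8 expects once persistence is enabled."""
    return len(set(seq)) == 1

def summarize(log_text, qname="www.gslb.example.com", members=("203.0.113.9", "198.51.100.41")):
    answered, unanswered = correlate(log_text)
    per_ldns = answers_by_ldns(answered, qname)
    return {
        "round_robin": {c: is_round_robin(s, members) for c, s in per_ldns.items()},
        "sticky": {c: is_sticky(s) for c, s in per_ldns.items()},
        "dropped": [(q["client"], q["qname"]) for q in unanswered],
    }
```

Feed it the output of `tail -n 2000 /var/log/ltm` from either device after the failover steps: an LDNS that is still sticky to a site that has been disabled is exactly the stale persistence record the note in section 2.9 describes.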
2.9 LB Methods
1. On gtm1.site1 navigate to: DNS ›› GSLB : Pools : Pool List ›› Members : www.example.com_pool
2. Modify the “Load Balancing Method” -> “Preferred” to “Global Availability”
TMSH
tmsh modify gtm pool a www.example.com_pool load-balancing-mode global-availability
With Global Availability every LDNS receives the first available member in member order (site1); site2 is returned only while site1 is unavailable, so the alternating answers seen in section 2.7 stop.
TMSH command to run on router01 to simulate an ISP failure (the interface belongs to the net module, so the command must name it):
TMSH
tmsh modify net interface 1.6 disabled
Observe the link status on gtm1.site2:
https://gtm1.site2.example.com/tmui/Control/jspmap/xsl/gtm_link/list
TMSH
tmsh show gtm link
Re-enable the interface on router01:
TMSH
tmsh modify net interface 1.6 enabled
Note: Even though you re-enabled the primary site1, a persistence record from the previous lab is still in place, so an LDNS that was answered with site2 during the outage keeps receiving site2 until that record expires. “tmsh show gtm persist” lists the records still in effect.
3 Credits
• Agility 2017:
Bill Wester
Boris Gekhtman
Brendan Gladney
Brian Buback
Emilio Torres
Dave Doucette
Josh Anderson
Robin Mordasiewicz
• Advisors:
Hitesh Patel
Joe Hermes
Jonathan Dehaan
Pat Chang
Pat Fiorino
Brian Van Lieu