BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member
Good day, everyone! Within the LTM platform, if a Pool is configured with "Min 1 of" with multiple monitors, you can check the status per monitor viatmsh show ltm monitor <name>, or you can click the Pool member in the TMUI and it will show you the status of each monitor for that member. I cannot seem to locate a similar function on the GTM/BIG-IP DNS platform. We'd typically use this methodology when transitioning to a new type of monitor, where we can passively test connectivity without the potential for impact prior to removing the previous monitor. Does anyone have a way through tmsh or the TMUI where you can check an individual pool member's status against the multiple monitors configured for its pool? Thanks, all!66Views0likes2CommentsF5 as ISP LB - Internet health check based on latency
Hi Community, Just want to ask only if below scenario if our F5 is running as ISP LB to check the latency of ISP1 when it is high ( 250ms) to failover to ISP2? If there an F5 KB article or other solutions that you can refer for this required setup. Thanks in advance.29Views0likes0CommentsReplacing GTM f5
hello guys! this is also related to F5 GTM GSLB replacement | DevCentral I have some question on our F5 GTM replacement, we have an issue when we add the new F5 on data center following this KB https://my.f5.com/manage/s/article/K45907236 on the part "Creating a server (existing BIG-IP DNS)" the new server is in unknown state. When we check the error we see routines:ssl3_get_server_certificate:certificate verify failed f5 I am thinking bigip_add x.x.x.x will solve the problem however since the existing devices are on production I didnt use it instead, I uploaded the cert of existing f5 to new F5 on device management and Trusted certificate I saw on https://my.f5.com/manage/s/article/K85555245 Trusted device certificatesSystem>Certificate Management>Device Certificate Management>Device Trust Certificates Trusted server certificatesDNS>GSLB>Servers>Trusted Server Certificates the existing and new f5 has same certs now, however the problem is still there but this time error is different iqmgmt_ssl_connect: SSL error: Connection reset by peer (104) from connection x.x.x.x Do you guys know how to solve this SSL issue we have? I also have a question 1. when I updatedDNS>GSLB>Servers>Trusted Server CertificatesI export the server.crt from existing f5 and upload it on the new device. this overwrites the original server.crt. on the new F5. I am thinking running the bigip_add x.x.x.x but my worry is that it will make the certs doubled? because running bigip_add x.x.x.x will "append" the cert from existing F5 to new F5.. so I am thinking to delete the server.crt on my new f5, but the problem is I didnt save a backup of the original server.crt :( is there a way I can generate new server.crt on my new F5? do you think it is necessary to delete the current server.crt? or what I need is to do below per https://my.f5.com/manage/s/article/K9114? cat /config/httpd/conf/ssl.crt/server.crt >> /config/gtm/server.crt 2. Running bigip_add x.x.x.x will be from existing F5 correct existing f5# bigip_add x.x.x.x (new F5 IP) 3. new F5 is in v17 and existing F5s are in v14, do you guys think it is a problem? Thank you!43Views0likes0CommentsF5 GTM GSLB replacement
Hello Guys! Would like to get some answers on my project. I will create a new f5 gtm that will replace the faulty/inconsistent gtm. I would like to test the new f5 gtm first by having only one wide IP as a testing if it will be able to resolve the wide ip. here is my question if my new f5 gtm has only one wide IP and I "synch" from DNS ›› Settings : GSLB : General ›› check "Synchronize". what will happen? On my new F5 if I create Data center shall I include the old F5 that I will replace? I guess yes right.. since it is included on the "synch" thank you so much Edit: Found this great article. https://my.f5.com/manage/s/article/K45907236 :DSolved95Views0likes4CommentsGTM health Monitoring and Probe
Dears, I have a case in my GTM, as I added one Big IP server ( LTM ), and another server as a generic host, as I understand after I configure the server with the type bigip system the health monitor will be bigip and the GTM will know the status of VS from the LTM, if I configure the generic host and attach the health monitor on the virtual server the GTM use this health monitor to check the status of the generic host server, in my case, I noted that the GTM uses the servers that I added before with type bigip server to check the status of the Generic host server, is that normal behavior???!!!! and why does the GTM get the status for generic host server from the Bigip Server ( LTM ) ???Solved1KViews0likes3CommentsGTM synchronization group
dears, I configured a synchronization group between our Two GTMs, and all configurationsadvertised successfully to the second GTM, but I faced an issue, as after I configured any new configuration on one of them the configuration did not advertise to the secondGTM, and to make the GTMs sync again the configuration I ran gtm_add script again, i check this linkhttps://my.f5.com/manage/s/article/K45907236for how to configure the synchronization group but i did not find any configuration I missedSolved687Views0likes2CommentsF5 GTM resolution issue
I have an issue with F5 GTM resolution, after using nslookup to check if I can resolve the name of the website, that I created as an A record using wildeIP on GTM, I see that I can receive the correct IP for my website but after i try to access the website through HTTPS it not opened,Solved1.1KViews0likes7CommentsMonitoring GTM / DNS Pools for consistency across multiple LTMs
Hi community. I have been trying to work out the best way to check my Wide-IP configuration is consistent across multiple LTMs. I have a WIP, that contains a pool, that contains 2 LTM VIPs in 2 DCs - how can I be sure that services in the LTM VIPs are consistent? For example, LTM-1 in DC-1 has a VIP containing a pool of 2 servers listening on https. LTM-2 in DC-2 has the same pool of 2 servers listening on https – all good so far. Engineer adds new server to DC-1 LTM-1 pool but doesn’t add the same server to DC-2 LTM-2. I now have inconsistent services across the 2 DCs. Has anyone scripted anything to check each WIP/pool for LTM VIPs then checked each of the configured LTM VIPs for pools/services and report on differences? Thanks in advance.502Views0likes4Comments