Manual Chapter: Configuring BIG-IP DNS on a Network with Multiple Route Domains

Applies To:

BIG-IP DNS

  • 12.1.5, 12.1.4, 12.1.3, 12.1.2, 12.1.1, 12.1.0

Overview: How do I deploy BIG-IP DNS on a network with multiple route domains?

You can deploy BIG-IP® DNS (formerly GTM) on a network where BIG-IP Local Traffic Manager™ (LTM®) systems are configured with multiple route domains and overlapping IP addresses.

Important: On a BIG-IP® system that includes both Local Traffic Manager™ (LTM®) and Global Traffic Manager™ (now BIG-IP® DNS), all IP addresses that BIG-IP DNS references (virtual IP addresses, link addresses, and so on) must be associated with route domain 0.

The following figure shows BIG-IP DNS deployed in a network with multiple BIG-IP Local Traffic Manager™ (LTM®) systems, one configured with the default route domain (zero), and one configured with two additional route domains. BIG-IP DNS can monitor the Application1 and Application2 servers that have overlapping IP addresses and reside in different route domains. The firewalls perform the required address translation between the BIG-IP DNS and BIG-IP LTM addresses; you must configure the firewalls to segment traffic and avoid improperly routing packets between route domain 1 and route domain 2.

BIG-IP DNS deployed on a network with multiple route domains

Before BIG-IP® DNS can gather status and statistics for the virtual servers hosted on BIG-IP LTM® systems that are configured with route domains, you must configure the following on each BIG-IP LTM that handles traffic for route domains:

  • VLANs through which traffic for your route domains passes
  • Route domains that represent each network segment
  • Self IP addresses that represent the address spaces of the route domains

Additionally, configure a BIG-IP DNS server object on BIG-IP DNS to represent each LTM system device.

Task summary

Perform the following tasks to configure BIG-IP DNS to monitor BIG-IP LTM systems with route domains.

Creating VLANs for a route domain on BIG-IP LTM

Create two VLANs on BIG-IP® LTM® through which traffic can pass to a route domain.
  1. On the Main tab, click Network > VLANs.
    The VLAN List screen opens.
  2. Click Create.
    The New VLAN screen opens.
  3. In the Name field, type external.
  4. In the Tag field, type a numeric tag from 1 to 4094 for the VLAN, or leave the field blank if you want the BIG-IP system to automatically assign a VLAN tag.
    The VLAN tag identifies the traffic from hosts in the associated VLAN.
  5. If you want to use Q-in-Q (double) tagging, use the Customer Tag setting to perform the following two steps. If you do not see the Customer Tag setting, your hardware platform does not support Q-in-Q tagging and you can skip this step.
    1. From the Customer Tag list, select Specify.
    2. Type a numeric tag from 1 to 4094 for the VLAN.
    The customer tag specifies the inner tag of any frame passing through the VLAN.
  6. For the Interfaces setting:
    1. From the Interface list, select an interface number or trunk name.
    2. From the Tagging list, select Tagged or Untagged.
      Select Tagged when you want traffic for that interface to be tagged with a VLAN ID.
    3. If you specified a numeric value for the Customer Tag setting and from the Tagging list you selected Tagged, then from the Tag Mode list, select a value.
    4. Click Add.
    5. Repeat these steps for each interface or trunk that you want to assign to the VLAN.
  7. If you want the system to verify that the return route to an initial packet is the same VLAN from which the packet originated, select the Source Check check box.
  8. Click Finished.
    The screen refreshes, and displays the new VLAN in the list.
Repeat this procedure, but in Step 3, name the second VLAN internal.

Creating a route domain on BIG-IP LTM

Ensure that VLANs exist on BIG-IP® LTM® before you create a route domain.
You can create a route domain on a BIG-IP system to segment (isolate) network traffic on your network.
  1. On the Main tab, click Network > Route Domains.
    The Route Domain List screen opens.
  2. Click Create.
    The New Route Domain screen opens.
  3. In the ID field, type an ID number for the route domain.
    This ID must be unique on the BIG-IP system; that is, no other route domain on the system can have this ID.
    An example of a route domain ID is 1.
  4. In the Description field, type a description of the route domain.
    For example: This route domain applies to application traffic for Customer A.
  5. For the Strict Isolation setting, select the Enabled check box to restrict traffic in this route domain from crossing into another route domain.
  6. For the Parent Name setting, retain the default value.
  7. For the VLANs setting, move the external and internal VLANs from the Available list to the Members list.
    Configuring this setting ensures that the BIG-IP system immediately associates any self IP addresses pertaining to the selected VLANs with this route domain.
  8. Click Finished.
    The system displays a list of route domains on the BIG-IP system.
Create additional route domains based on your network configuration.

Creating a self IP address for a route domain on BIG-IP LTM

Ensure that VLANs exist on BIG-IP® LTM® before you begin creating a self IP address for a route domain.
Create a self IP address on the BIG-IP system that resides in the address space of the route domain.
  1. On the Main tab, click Network > Self IPs.
  2. Click Create.
    The New Self IP screen opens.
  3. In the Name field, type a unique name for the self IP address.
  4. In the IP Address field, type an IP address.
    This IP address must represent a self IP address in a route domain. Use the format x.x.x.x%n, where n is the route domain ID, for example, 10.1.1.1%1.
    The system accepts IPv4 and IPv6 addresses.
  5. In the Netmask field, type the network mask for the specified IP address.
    For example, you can type 255.255.255.0.
  6. From the VLAN/Tunnel list, select the VLAN that you assigned to the route domain that contains this self IP address.
  7. From the Port Lockdown list, select Allow Default.
  8. Click Finished.
    The screen refreshes, and displays the new self IP address.
Create additional self IP addresses based on your network configuration.

Defining a server for a route domain on BIG-IP DNS

Ensure that at least one data center exists in the configuration.
On BIG-IP® DNS, define a server object to represent each LTM system device.
  1. On the Main tab, click DNS > GSLB > Servers.
    The Server List screen opens.
  2. Click Create.
    The New Server screen opens.
  3. In the Name field, type a name for the server.
    Important: Server names are limited to 63 characters.
  4. From the Product list, select BIG-IP System.
  5. In the Address List area, add the self IP address that you assigned to the VLAN that you assigned to the route domain.
    Important: Do not include the route domain ID in this IP address. Use the format x.x.x.x, for example, 10.10.10.1.
  6. From the Data Center list, select the data center where the server resides.
  7. From the Prober Preference list, select one of the following.
    Option                      Description
    Inside the Data Center      By default, a server selects the Prober pool from within the existing data center.
    Outside the Data Center     A server selects the Prober pool from outside the existing data center.
    Inherit from Data Center    A server inherits the Prober pool assigned to the data center in which the server resides.
    Note: The selected Prober pool must reside in the same route domain as the servers you want the pool members to probe.
  8. From the Prober Fallback list, select one of the following.
    Option                      Description
    Any available               By default, selects any available Prober pool.
    Inside the Data Center      A server selects the Prober pool from within the existing data center.
    Outside the Data Center     A server selects the Prober pool from outside the existing data center.
    Inherit from Data Center    A server inherits the Prober pool assigned to the data center in which the server resides.
    None                        No Prober pool is used. Prober Fallback is disabled.
  9. In the Health Monitors area, assign the bigip monitor to the server by moving it from the Available list to the Selected list.
  10. From the Virtual Server Discovery list, select Enabled.
  11. Click Create.
    The New Server screen opens.
  12. In the server list, click the name of the LTM system that you just created.
    The Server Properties screen opens.
  13. On the menu bar, click Virtual Servers.
    A list of the virtual servers configured on the server displays.
  14. From the Resources list, select Advanced.
    Additional settings display.
  15. Select the Expose Route Domains check box.
  16. Click Update.
Repeat these steps to create a BIG-IP DNS server object to represent another LTM system device.
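
The addressing rules in the tasks above (x.x.x.x%n for a self IP in a route domain, a VLAN that belongs to that route domain, and plain x.x.x.x for the BIG-IP DNS server object) can be checked against a planned configuration before it is entered. The following Python is an added example, not F5 code; the function names, the plan layout, and all sample names and addresses are constructed for illustration.

```python
import ipaddress

def split_rd(text):
    """Split 'addr%n' into (ip, route_domain_id); no %n suffix means route domain 0."""
    addr, sep, rd = text.partition("%")
    if sep and not rd.isdigit():
        raise ValueError(f"route domain ID must be numeric: {text!r}")
    return ipaddress.ip_address(addr), int(rd) if sep else 0

def audit(route_domains, self_ips, dns_servers):
    """Return a list of findings; an empty list means the plan is consistent."""
    findings, plain_self_ips = [], set()
    for name, (address, vlan) in self_ips.items():
        ip, rd = split_rd(address)
        plain_self_ips.add(ip)
        if rd not in route_domains:
            findings.append(f"self IP {name}: route domain {rd} is not defined")
        elif vlan not in route_domains[rd]:
            findings.append(f"self IP {name}: VLAN {vlan} is not a member of route domain {rd}")
    for server, addresses in dns_servers.items():
        for address in addresses:
            ip, _ = split_rd(address)
            if "%" in address:  # server objects take x.x.x.x without the route domain ID
                findings.append(f"server {server}: remove the route domain ID from {address}")
            if ip not in plain_self_ips:
                findings.append(f"server {server}: {ip} is not a planned self IP")
    return findings

# Constructed sample plan (hypothetical names and addresses, not from the manual).
ROUTE_DOMAINS = {1: {"external", "internal"}, 2: {"external2", "internal2"}}
SELF_IPS = {
    "rd1_ext": ("10.1.1.1%1", "external"),
    "rd2_ext": ("10.1.1.1%2", "external"),     # overlapping address, wrong VLAN
    "rd3_ext": ("10.3.3.1%3", "external2"),    # route domain 3 was never created
    "rd2_v6": ("2001:db8::1%2", "internal2"),  # IPv6 address with a %n suffix
}
DNS_SERVERS = {"ltm_a": ["10.1.1.1"], "ltm_b": ["10.3.3.1%3"], "ltm_c": ["10.9.9.9"]}

if __name__ == "__main__":
    for finding in audit(ROUTE_DOMAINS, SELF_IPS, DNS_SERVERS):
        print(finding)
```
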

Implementation result

You now have an implementation in which BIG-IP DNS monitors BIG-IP LTM virtual servers on the various route domains in your network.