DNS load balancing for External Websites

Question

Hello,

We currently manage an F5 DNS with a delegation for *.gslb.abc.com. Our external websites, namely ffff.org and gggg.com, are hosted on F5 LTM, and their respective IPs are provided in the GoDaddy DNS.

We are exploring the possibility of directing traffic for these websites to our F5 GTM, which would then distribute the traffic to either data center 1 or data center 2 based on pool availability.

Is it feasible to achieve this configuration through F5 GTM, or is it a configuration that needs to be addressed directly through GoDaddy? Thank you for your guidance on this matter.

zamroni777 · Answer

actually that's common use case for f5 dns/gtm.

a. ask godaddy to set f5 dns public IP as NS for ffff/ggg.com, OR
b. add A records for f5 dns hostname in godaddy. then replace A record of ffff/ggg.com with CNAME/alias to that f5 gtm hostname.

ip address you put in godaddy surely must be public ip.
this public ip can be put in upfront network firewall that will NAT it to f5 private ip addresses.

ashk · Answer

Okay, seems like a way,&nbsp;I will add NS record for a .org website of F5 GTM DNS listener. and allow firewall for that IP to listen externally on port 53. Then it will technically hit F5 GTM for name resolution and provide the IP based on the wide pool right?&nbsp;What would be the host I need to configured on the F5 GTM wide IP name? is that ggg.gslb.org or pretty ggg.org will be enough.&nbsp;

phatanhappy · Answer

Minor notes:The GTM/DNS modules is an intellegent dns resolver, it is never in line.&nbsp; &nbsp;It provides an answer to a dns question.&nbsp; i.e. - what is the IP address of&nbsp; &nbsp;server.fff.org- if your websites are configured using the first level domain&nbsp; &nbsp; &nbsp;ffff.org&nbsp; &nbsp;and gggg.com&nbsp; &nbsp;you will have to delegate the zone to the GTM.&nbsp; &nbsp;If you are using a 2nd level domain, myserver.ffff.org&nbsp; &nbsp;and myapp.ggg.org you can easily change the A record for them&nbsp; to the cname with the delgation.This is less of a "f5" question and more of a proper DNS architecture problem.&nbsp; &nbsp;What f5 introduces is the abiliy to monitor and provide HA based upon a tested condtion.

ashk · Answer

Understand, So I do required a deligation?

Example: myapps.org is hosted on GoDaddy point to 1.1.1.1

My 2 virtual myapps servers are 1.1.1.1 and 2.2.2.2. In go daddy I can only provide one IP so There in the CNAME or NS feild under myapps.org I need to configure my GTM Listerner IP or Hostname?

its first level domain. Do I need to create a new Zone/Deligation in GTM or in my Internal DNS to listen on Internal dns and send to GTM? but it will change the URL to myapps.gslb.org?

so pointing directly to the GTM wont work ?

appreciate the help 🙂

Forum Discussion

DNS load balancing for External Websites

4 Replies

Recent Discussions

Observing unexpected VLAN traffic on F5OS TMOS Tenant

Certificate Automation and AS3

Order of resource assignment when user assigned multiple network access resources

Maximum throughput of f5 ltm

F5 APM with OIDC Web Duo Prompt

Related Content

Troubeshooting website connection

Active/Active load balancing examples with F5 BIG-IP and Azure load balancer

CSV to Address External Datagroup File

Coordinated Vulnerability Disclosure: A Balanced Approach

Fake website, Gmail guideline, GPS spoofing, OWASP LLM, Jan 1st–5th F5SIRT This Week in Security