GTM and cluster

I will provide you the general idea about that, and I think should answer all the question you posted. If not, let me know.

 

The HA configuration has no direct relation with GTM. You can have an HA configuration, starting from standalone, active/standby, active/active, N+1, etc.. That is LTM, and other modules that depend on LTM (like ASM).

 

The GTM/DNS will always be standalone (and implicitly active). If you have more than one GTM, they will work together, splitting work (like monitor), and sharing data (like DNS zone files, if enabled).

 

When you have LTM and GTM together, is where the confusion starts. The LTM will still work independently from the GTM, but you can configure the GTM to take advantage of the fact that is in an HA pair.

 

When you configure the GTM listener, that is basically a LTM virtual server, if you use the floating IP, only the GTM in the active unit will process the traffic. If you configure each GTM with a listener using the non-floating self IP, both will process DNS requests (but you need to have both as DNS server for your zone).

 

Well, strange things happen. I don't really know what was cause of my problem - v13.0.0HF2 bug, coincidence or sun activity...

 

Anyway my Sync Group and HA Sync Failower mariage refused to work. Everything looked perfectly OK:

 

• Same versions of TMOS on both devices
• Correct certificates
• Working iQuery communication

Still GSLB changes made on one device were never propagated to another.

 

cid.id number was increased separately on both and never matched.

 

After hours of futile fight I decided to chose hard way - strat from scratch:

 

• Remove whole GSLB config from both devices (I wonder if there is some easier way that deleting all objects via GUI - probably just cleaning bigip_gtm.conf and do load sys config gtm-only)
• Break DSC (Standby set to Forced Offline), clean floating object on Standby

Then I changed order of battle:

 

First configured GSLB objects:

 

• Server that contains DeviceA set with self IP of device to which another GTM will be added
• Server that contains DeviceB set with self IP of device that will be added to Sync Group as second GTM
• Then perform gtm_add from DeviceB

So far so good, syncing changes started to work both ways.

 

Then I started to recreate cluster - and there strange things started. After adding DeviceB as Peer suddenly cid.id for gtm device_group was reset - from let's say 100 to 2 on both devices.

 

Then errors started to pop out in gtm log:

 

• Encountered error while processing mcp message at ../gtmdb/db_devicegroup_device.c:325 : Unable to associate a device with an unknown group
• iqsyncer errors showed up on DeviceB

But still syncing changes kept working.

 

Then I created Sync Failover group and synced both device.

 

After this operation changes in GSLB setup are still propagated both ways (sure completely separate from ConfigSync operations).

 

So again I am puzzled what I did wrong during first attempt? My main suspect is this cid.id reset after configuring Peer... but I am not sure.

 

I think as well that Active-Passive cluster can be used when separate DNS listeners are needed per Data Center - just set listeners using self IP subnets that are specific to DC - those will not be synced via Config Sync but still covered by GSLB sync.

 

Of course DNS Listener configured on floating IP subnet can as well be used - then you can have everything in one package - syncing what is necessary between DSs and have DC unique part.

 

Piotr