for BIG-IP
to control and
distribute traffic according to specific policies.
The Global Traffic Manager provides a variety of features that meet special
needs. For example, with this product you can:
- Ensure wide-area persistence by maintaining a mapping between a local DNS server and a virtual server in a wide IP pool
- Direct local clients to local servers for globally-distributed sites using Topology mode load balancing
- Change the load balancing configuration according to current traffic patterns or time of day
- Customize load balancing modes
- Set up global load balancing among Local Traffic Manager systems and other load balancing hosts
- Monitor real-time network conditions
- Configure a content delivery network with a CDN provider
- Guarantee multiple port availability for e-commerce sites
The Global Traffic Manager is one of several products that constitute the
BIG-IP product family. All products in the BIG-IP product family run on the
powerful Traffic Management Operating System, commonly referred to as TMOS.
When you install a Global Traffic Manager system on the network, the
actions you take to integrate it into the network fall into two categories:
setup tasks and configuration tasks.
- Setup tasks are tasks in which you create or modify settings that apply to
  the Global Traffic Manager itself, or that apply universally to all other
  configuration components, such as servers, data centers, or wide IPs that
  you create later. Examples of setup tasks include running the Setup
  utility, assigning a self IP address, and enabling high-availability
  functions. For more information about setup tasks, see Setting up the
  Global Traffic Manager, on page 3-1.
- Configuration tasks are tasks in which you define a specific aspect of the
  Global Traffic Manager, such as load balancing methods, pools and pool
  members, or iRules. These configuration tasks, while important, only
  affect specific aspects of how you manage DNS traffic with the Global
  Traffic Manager. For more information about the components of the
  Global Traffic Manager that you can configure, see Configuring the
  Global Traffic Manager, on page 3-1.
Security features
The Global Traffic Manager offers a variety of security features that can
help prevent hostile attacks on your site or equipment.
Secure administrative connections
The Global Traffic Manager supports Secure Shell (SSH) administrative
connections for remote administration from the command line. The web
server, which hosts the web-based Configuration utility, supports SSL
connections as well as user authentication.
Secure iQuery communications
The Global Traffic Manager supports web certificate authentication for
iQuery communications between itself and other systems running the
big3d agent.
TCP wrappers
The Global Traffic Manager supports the use of TCP wrappers to provide
an extra layer of security for network connections.
Introducing Local Traffic Manager resources
If you use the Global Traffic Manager in conjunction with a Local Traffic
Manager, it is important to understand the following network resources. You
do not manage these resources directly through the Global Traffic Manager,
but understanding their role in your network configuration can assist you in
optimizing your network's availability and performance:
Self IP address
A self IP address is an IP address that you define on a VLAN of a
BIG-IP system. Note that this concept does not apply to the management
IP address of a BIG-IP system or to IP addresses on other devices.
Node
A node is a logical object on the BIG-IP system that identifies the IP
address of a physical resource on the network, such as a web server. You
define a node object in the Local Traffic Manager. For more information
about nodes, see the Configuring Nodes chapter in the Configuration
Guide for BIG-IP.
For the most current list of the supported browsers for the Configuration
utility, see the current release note on the AskF5 Knowledge Base web
site, https://support.f5.com.
Overview of the Global Traffic Manager
Configuration Guide for BIG-IP
2000 Servers.
One server that you must define is the Global Traffic Manager. This places
the system on the network map. You can also define Local Traffic Manager
systems, and the virtual servers that these servers manage.
For information about configuring servers, see Managing servers, on page
5-5.
Introducing Global Traffic Manager Components
Systems.
F5 Networks recommends that you review this guide to ensure that you
configure the basic network and system settings in a way that best fits the
needs of your network and your DNS traffic. You can access this guide by
visiting the F5 Technical Support web site: https://support.F5.com.
Configuring the Global Traffic Manager
Once you have the basic network settings configured, you can work on
configuring the Global Traffic Manager itself. Specifically, you complete
the following tasks:
- Define the Global Traffic Manager
  For more information, see Defining the Global Traffic Manager, on page 3-2.
- Establish system communications
  For more information, see Establishing system communications, on page 3-4.
- Configure synchronization settings
  For more information, see Configuring synchronization settings, on page 3-9.
- Configure auto-discovery
  For more information, see Configuring auto-discovery, on page 3-14.
- Configure global monitoring options
  For more information, see Configuring global monitor settings, on page 3-15.
- Configure domain validation
  For more information, see Configuring domain validation, on page 3-18.
Once you complete these tasks, you are ready to work on the configuration
tasks that allow your network to get the full benefit of the features of the
Global Traffic Manager.
Defining the Global Traffic Manager
The Global Traffic Manager is designed to manage DNS traffic as it moves
from outside the network, to the appropriate resource, and back again. The
management capabilities of the system require that it has an accurate
definition of the sections of the network over which it has jurisdiction. You
must define network elements such as data centers, servers (including
BIG-IP systems), and virtual servers in the Global Traffic Manager.
Defining these elements is similar to drawing a network diagram; you must
include all of the relevant components in such a diagram in order to have an
accurate depiction of how the system works as a whole.
When you configure a Global Traffic Manager to communicate with other
BIG-IP systems, the IP addresses of the system servers must reside within
the default route domain on the BIG-IP system. Otherwise, the Global
Traffic Manager cannot communicate with those systems. For more
information about configuring route domains, see the TMOS Management
Guide for BIG-IP Systems.
Note
In existing version 9.x systems, by default, the IP addresses of the system
servers are in the default route domain.
As part of specifying this network topology, you must configure the Global
Traffic Manager itself, as described in Defining the current Global Traffic
Manager, on page 5-6. You specify the role of the Global Traffic Manager
within the network, as well as what interactions it can and cannot have with
other network components. Without this configuration, many of the
capabilities of the Global Traffic Manager cannot operate effectively.
Additionally, if you are defining a Global Traffic Manager redundant
system configuration that uses network-based failover, you must manually
enable high availability on both Global Traffic Manager systems, as
described in Enabling high availability for network-based failover, on page
3-3.
Before you define a Global Traffic Manager, you must first specify the data
center in which it resides. This step is important because all network
components that the system manages must belong to a data center. For more
information, see Configuring data centers, on page 5-2.
To create a data center
1. On the Main tab of the navigation pane, expand Global Traffic and
click Data Centers.
The main screen for data centers opens.
2. Click the Create button.
The New Data Center screen opens.
3. Specify settings for the new data center.
For additional assistance with these settings, see the online help.
4. Click the Finished button.
Setting Up and Configuring the Global Traffic Manager
Systems.
Communication Component | Requirements
Ports | Port 22, for secure file copying of entities like big3d. Port 4353, for iQuery communication.
Utilities | big3d, for Global Traffic Manager to BIG-IP system communication.
Protocols | iQuery
Table 3.1 Requirements for communication components (BIG-IP system)
Table 3.2 lists the requirements for each communication component
between the big3d agent and other external systems.
When you configure the Global Traffic Manager to communicate with
external systems, you must complete one or more of the following tasks:
- Define the systems in the Global Traffic Manager.
  This task applies regardless of whether the system is a BIG-IP system, or
  a third-party system.
- Run the gtm_add utility.
  This utility is designed for situations in which you are installing the
  system in a network that already has one or more Global Traffic Manager
  systems running.
- Run the big3d_install utility.
  This utility ensures that the Global Traffic Manager and other BIG-IP
  systems use the same version of the big3d utility, and establishes that
  these systems are authorized to exchange information.
- Run the bigip_add utility.
  If you are certain that the other BIG-IP systems on the network use the
  same version of the big3d utility as the Global Traffic Manager, you can
  run the bigip_add utility instead of the big3d_install utility. The
  bigip_add utility authorizes communications between the Global Traffic
  Manager and other BIG-IP systems on the network.
Defining the systems in the Global Traffic Manager
As described in Defining the Global Traffic Manager, on page 3-2, the
Global Traffic Manager needs to have information on the different systems
with which it interacts when managing DNS traffic. These systems include
other Global Traffic Manager systems, BIG-IP systems, and third-party
systems.
When you configure a Global Traffic Manager, you must add these systems
into the configuration for the Global Traffic Manager to communicate with
these systems. For information about defining these systems, see Managing
servers, on page 5-5.
Running the gtm_add utility
If you are integrating a new Global Traffic Manager into a Global Traffic
Manager synchronization group on your network, you must run the
gtm_add utility on the new device. When you run this utility, you specify
Communication Component | Requirements
Ports | Port 161
Protocols | SNMP
Table 3.2 Requirements for communication components (third-party systems)
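The port requirements in Table 3.1 and Table 3.2 can be turned into a least-privilege check on the firewall rules between the Global Traffic Manager and the systems it manages. The following is an added example, not part of the original guide or of any F5 tool: the names AllowRule and audit, the addresses, and the rule set are constructed, the transport protocols (TCP for ports 22 and 4353, UDP for port 161) are assumptions because the tables list port numbers only, and the probing source is assumed to be the Global Traffic Manager self IP address.

```python
"""Audit firewall allow-rules against the GTM communication requirements."""
import ipaddress
from dataclasses import dataclass

# Ports from Table 3.1 (BIG-IP systems) and Table 3.2 (third-party systems).
# The tables give port numbers only; the transport protocols are assumptions.
REQUIRED_FLOWS = {
    "bigip": [("tcp", 22, "secure file copy (big3d)"), ("tcp", 4353, "iQuery")],
    "third-party": [("udp", 161, "SNMP")],
}


@dataclass(frozen=True)
class AllowRule:
    """One firewall allow-rule (hypothetical structure for this example)."""
    src: str      # source network in CIDR form
    dst: str      # destination network in CIDR form
    proto: str    # "tcp" or "udp"
    port_lo: int  # first port of the range
    port_hi: int  # last port of the range, inclusive

    def covers_service(self, dst_ip, proto, port):
        """True if the rule opens proto/port on dst_ip for some source."""
        return (self.proto == proto
                and self.port_lo <= port <= self.port_hi
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst))

    def permits(self, src_ip, dst_ip, proto, port):
        """True if the rule lets src_ip reach proto/port on dst_ip."""
        return (self.covers_service(dst_ip, proto, port)
                and ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src))


def audit(gtm_self_ip, systems, rules, approved_sources=()):
    """Return (missing, exposed).

    missing: required flows from the GTM self IP that no rule permits.
    exposed: rules that open a required port on a managed system to a source
             other than the GTM self IP or an explicitly approved host.
    """
    approved = {ipaddress.ip_network(ip) for ip in (gtm_self_ip, *approved_sources)}
    missing, exposed = [], []
    for name, kind, ip in systems:
        for proto, port, purpose in REQUIRED_FLOWS[kind]:
            if not any(r.permits(gtm_self_ip, ip, proto, port) for r in rules):
                missing.append((name, proto, port, purpose))
            for r in rules:
                if (r.covers_service(ip, proto, port)
                        and ipaddress.ip_network(r.src) not in approved):
                    exposed.append((name, proto, port, r.src))
    return missing, exposed


# Constructed sample data (documentation address ranges, not real systems).
GTM_SELF_IP = "192.0.2.10"
SYSTEMS = [
    ("ltm-dc1", "bigip", "198.51.100.20"),
    ("ltm-dc2", "bigip", "198.51.100.21"),
    ("lb-legacy", "third-party", "203.0.113.30"),
]
RULES = [
    AllowRule("192.0.2.10/32", "198.51.100.20/32", "tcp", 4353, 4353),
    AllowRule("192.0.2.10/32", "198.51.100.20/32", "tcp", 22, 22),
    AllowRule("0.0.0.0/0", "198.51.100.21/32", "tcp", 4353, 4353),  # too broad
    AllowRule("192.0.2.10/32", "203.0.113.30/32", "udp", 161, 161),
]

if __name__ == "__main__":
    missing, exposed = audit(GTM_SELF_IP, SYSTEMS, RULES)
    for name, proto, port, purpose in missing:
        print(f"MISSING  {GTM_SELF_IP} -> {name} {proto}/{port} ({purpose})")
    for name, proto, port, src in exposed:
        print(f"EXPOSED  {name} {proto}/{port} reachable from {src}")
```

A flow reported as missing keeps iQuery, big3d copying or SNMP probing from working; a rule reported as exposed opens the same service to sources that have no role in that communication.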
Systems, you may have already configured a list of NTP servers for the
Global Traffic Manager. If you have not yet done so, you can find detailed
information on configuring these settings in that guide.
Systems.
Configuring a listener for all VLANs
When you configure a listener, set the VLAN Traffic setting to All VLANs
if either of these conditions exists:
- The IP address you assign as a listener is valid for all VLANs for which
  the Global Traffic Manager is responsible.
- The Global Traffic Manager handles locally the traffic on the IP address
  you assign as a listener.
Working with Listeners
system.
Third-party load balancing systems
A third-party load balancing system is any system, other than a BIG-IP
system, that supports and manages virtual servers on the network. See
Defining third-party load balancing servers, on page 5-9, for a list of
supported load balancing servers and instructions on how to define these
servers.
Third-party host servers
A third-party host system is any server on the network that does not
support virtual servers. See Defining third-party host servers, on page
5-10, for a list of supported host servers and instructions on how to
define these servers.
At a minimum, you must define the following servers on the Global Traffic
Manager:
The current Global Traffic Manager
A managed server (either a load balancing server or a host)
The following procedures describe how to define each server type in your
network. These procedures assume that the servers are up and running in the
network, and that they already have virtual servers defined (if the server
manages virtual servers).
Defining BIG-IP systems
When you configure a Global Traffic Manager, you first define the system
itself. Then you define the other BIG-IP systems in the physical network,
such as backup systems on the current network segment, or systems that
reside at other data centers.
Defining the current Global Traffic Manager
Global Traffic Manager systems are load balancing servers that are part of
your physical network. You first configure the settings of a Global Traffic
Manager itself, and then you can add other Global Traffic Manager systems
to the configuration.
If the Global Traffic Manager that you are configuring has multiple links
(that is, multiple network devices that connect it to the internet), you can add
the self IP addresses of these devices to the system. After you configure
these systems, the agents and other utilities, such as the big3d agent, can
gather and analyze network traffic path and metrics information.
After you configure the additional servers and links, you can synchronize
the settings of a specific Global Traffic Manager to other Global Traffic
Managers on the physical network.
Important
You must use a self IP address when you define a Global Traffic Manager.
You cannot use the management IP address.
To define the current Global Traffic Manager
1. On the Main tab of the navigation pane, expand Global Traffic and
click Servers.
The main screen for servers opens.
2. Click the Create button.
The New Server screen opens.
3. In the Name box, type a name that identifies the Global Traffic
Manager.
4. From the Product list, specify the type of system that is required:
BIG-IP System (Single) specifies a primary system.
BIG-IP System (Redundant) specifies a backup system.
5. Add IP addresses to the Address List.
For BIG-IP System (Single), type the self IP address in the
Address box, and then click Add.
For BIG-IP System (Redundant), type the self IP address in the
Address box, and then click Add. Then add the self IP address of
the backup system to the Peer Address List, by typing the self IP
address in the Address box, and click Add.
6. From the Data Center list, select a data center to which the Global
Traffic Manager belongs.
Note: A server must belong to a data center. See Managing data
centers, on page 5-2, for additional information.
7. Configure the remaining server settings, and then click the Create
button to create the new server.
For additional assistance with these settings, see the online help.
Defining the Physical Network
- Ace Director
- Cisco CSS
- Cisco LocalDirector v2
- Cisco LoadDirector v3
- Cisco SLB
- Extreme
- Foundry ServerIron
- Radware WSD
Note
If your network uses a load balancing server that is not found on this list,
you can use the Generic Load Balancer option. See Defining a generic load
balancing server, on page 5-10.
Adding load balancing servers
You can add as many third-party load balancing servers as you need into
your configuration of the Global Traffic Manager.
To add a load balancing server
1. On the Main tab of the navigation pane, expand Global Traffic and
click Servers.
The main screen for servers opens.
2. Click the Create button.
The New Server screen opens.
3. In the Name box, type a name that identifies the server.
4. From the Product list, select the appropriate load balancing server.
If your network uses a load balancing server that is not on this list,
you can use the Generic Load Balancer option. See Defining a
generic load balancing server, on page 5-10.
5. Type the IP address of the server in the Address box, and then click
Add.
Note: You can add more than one address to any given server,
depending on how that server interacts with the rest of your
network.
6. From the Data Center list, select a data center to which the server
belongs.
Note: A server must belong to a data center. See Managing data
centers, on page 5-2, for additional information.
7. Configure the remaining server settings.
For additional assistance on these settings, see the online help.
8. Click the Create button to create the new server.
Defining a generic load balancing server
In the event that your network uses a load balancing server that is not
explicitly supported by the Global Traffic Manager, you can define a
generic load balancer.
To define a generic load balancing server
1. On the Main tab of the navigation pane, expand Global Traffic and
click Servers.
The main screen for servers opens.
2. Click the Create button.
The New Server screen opens.
3. In the Name box, type a name that identifies the server.
4. From the Product list, select Generic Load Balancer.
5. Type the IP address of the server in the Address box, and then click
Add.
Note: You can add more than one address to any given server,
depending on how that server interacts with the rest of your
network.
6. From the Data Center list, select a data center to which the server
belongs.
Note: A server must belong to a data center. See Managing data
centers, on page 5-2, for additional information.
7. Configure the remaining server settings.
For additional assistance with these settings, see the online help.
8. Click the Create button to create the new server.
Defining third-party host servers
Another server type that you might include as part of your network is a host.
A host is an individual network resource, such as a web page or a database,
that is not a part of the BIG-IP product family and does not provide load
balancing capabilities for the resources it supports.
- NetApp
- Sun Solaris
- Windows 2000 Server (You can monitor the Windows Vista Enterprise Server using the Windows 2000 Server-based computer.)
- Windows Server 2003
- Windows NT 4.0
Note
If your network uses a host server that is not on this list, you can use the
Generic Host option. See Defining a generic host server, on page 5-12.
To define a host server
1. On the Main tab of the navigation pane, expand Global Traffic and
click Servers.
The main screen for servers opens.
2. Click the Create button.
The New Server screen opens.
3. In the Name box, type a name that identifies the server.
4. From the Product list, select the appropriate host server.
5. Type the IP address of the server in the Address box, and then click
Add.
Note: You can add more than one address to any given server,
depending on how that server interacts with the rest of your
network.
6. From the Data Center list, select a data center to which the server
belongs.
Note: A server must belong to a data center. See Managing data
centers, on page 5-2, for additional information.
7. Configure the remaining server settings.
For additional assistance on these settings, see the online help.
8. Click the Create button to create the new server.
Defining a generic host server
In the event that your network uses a host server that is not explicitly
supported by the Global Traffic Manager, you can add a generic host server.
To define a generic host server
1. On the Main tab of the navigation pane, expand Global Traffic and
click Servers.
The main screen for servers opens.
2. Click the Create button.
The New Server screen opens.
3. In the Name box, type a name that identifies the server.
4. From the Product list, select Generic Host.
5. Type the IP address of the server in the Address box, and then click
Add.
Note: You can add more than one address to any given server,
depending on how that server interacts with the rest of your
network.
6. From the Data Center list, select a data center to which the server
belongs.
Note: A server must belong to a data center. See Managing data
centers, on page 5-2, for additional information.
7. Configure the remaining server settings.
For additional assistance with these settings, see the online help.
8. Click the Create button to create the new server.
Searching for a specific server
If you want to view or modify the properties of a server, you can locate that
specific server using the search feature. You can search by either the full or
partial name or the IP address of the server. The search feature can be
especially useful for companies with large networks that contain numerous
servers. For more information about how the search feature works, see
Locating a component using the search feature, on page 2-6.
To search for a specific server
1. On the Main tab of the navigation pane, expand Global Traffic and
click Servers.
The main screen for servers opens.
2. In the selection criteria box, type the name or IP address of the
server that you want to modify, and then click Filter.
A list of servers that matches the criteria you entered displays.
, Alteon, Extreme Networks, Foundry, or Radware
server, that monitor obtains information on the virtual servers associated
with that server. If you assign the SNMP monitor to any other server type,
that monitor obtains data on the server itself.
Note
For more information on the SNMP monitor, see Chapter 11, Configuring
Monitors.
In cases where you assign a monitor to a virtual server both directly and to
its parent server, the availability information acquired from the monitor
directly assigned to the virtual server takes precedence over any other data.
To assign a monitor to check virtual servers associated with
a server
1. On the Main tab of the navigation pane, expand Global Traffic and
click Servers.
The main screen for servers opens.
2. Click the name of the server that you want to configure.
The properties screen for the server appears.
3. From the Configuration list, select Advanced.
Additional fields display with default settings.
4. Determine the availability requirements for the virtual servers:
If you want the Global Traffic Manager to consider a virtual
server only if all monitors assigned to the virtual server are
successful, select All Health Monitors from the Availability
Requirements list.
If you want the Global Traffic Manager to consider the virtual
server as available only if some monitors assigned to it are
successful, select At Least from the Availability Requirements
list. When you select At Least, a box appears where you can type
the number of monitors that must be successful for the virtual
server to be available.
5. Click the Update button to save your changes.
To control how monitors determine the availability of a
pool
1. On the Main tab of the navigation pane, expand Global Traffic and
click Pools.
The main screen for pools opens.
2. Click the name of the pool that you want to configure.
The properties screen for the pool appears.
3. From the Configuration list, select Advanced.
Additional fields display with default settings.
4. Determine the availability requirements for the pool:
If you want the Global Traffic Manager to consider the pool only
if all monitors assigned to the pool are successful, select All
Health Monitors from the Availability Requirements list.
If you want the Global Traffic Manager to consider the pool as
available only if some monitors assigned to it are successful,
select At Least from the Availability Requirements list. When
you select At Least, a box appears where you can type the
number of monitors that must be successful for the pool to be
available.
5. Click the Update button to save your changes.
To control how monitors determine the availability of a link
1. On the Main tab of the navigation pane, expand Global Traffic and
click Links.
The main screen for links opens.
2. Click the name of the link that you want to configure.
The properties screen for the link appears.
3. From the Configuration list, select Advanced.
Additional fields display with default settings.
Managing Connections
whereis command.
To download and install an update to the IP geolocation
database
1. Log in to the F5 Networks customer web site at
https://downloads.f5.com, and click Find a Download.
2. In the F5 Product Family column, find BIG-IP, and then in the
Product Line column, click BIG-IP v10.x.
3. Select a version from the list preceding the table.
4. In the Name column, click Quova-GeolocationUpdates.
5. Click I Accept to accept the license.
6. In the Filename column, click the name of the most recent
compressed file that you want to download.
7. In the Ready to Download table, click the download method that
you want to use.
8. In the dialog box, click OK.
9. Select the directory in which you want to save the compressed file,
and then decompress the file to save the RPM files on the system.
Load Balancing Connection Requests Using Topologies
Monitor Category | Monitor Type | Description | Possible Object Associations
 |  | by attempting to perform an Oracle logon to a service. | pool member, server, virtual server
 | POP3 | Verifies the Post Office Protocol version 3 (POP3) service by attempting to connect to a pool, pool member, or virtual server, log on as the specified user, and log off. | pool member, server, virtual server
Table 11.1 Monitor types available on a Global Traffic Manager
Overview of monitor settings
Monitors contain settings with corresponding values. These settings and
their values affect the way that a monitor performs its status check. When
you create a custom monitor, you must configure these setting values. For
those settings that have default values, you can either retain the default
Monitor Category | Monitor Type | Description | Possible Object Associations
 | RADIUS | Verifies the Remote Access Dial-in User Service (RADIUS) service by attempting to authenticate the specified user. | pool member, server, virtual server
 | Real Server | Checks the performance of a pool, pool member, or node that is running the RealServer data collection agent, and then dynamically load balances traffic accordingly. | node, pool member, server, virtual server
 | Scripted | Generates a simple script that reads a file that you create. The file contains Send and Expect strings to specify lines that you want to send or that you expect to receive. | pool member, server, virtual server
 | SIP | Checks the status of Session Initiation Protocol (SIP) Call-ID services on a device. The SIP protocol enables real-time messaging, voice, data, and video. | pool member, server, virtual server
 | SMTP | Checks the status of a pool, pool member, or virtual server by issuing standard Simple Mail Transport Protocol (SMTP) commands. | pool member, server, virtual server
 | SNMP Link | Checks the current CPU, memory, and disk usage of a pool, pool member, or virtual server that is running an SNMP data collection agent, and then dynamically load balances traffic accordingly. | node, pool member, server, virtual server
 | SOAP | Tests a web service based on the Simple Object Access Protocol (SOAP). | pool member, server, virtual server
 | UDP | Verifies the User Datagram Protocol (UDP) service by attempting to send UDP packets to a pool, pool member, or virtual server and receiving a reply. | pool member, server, virtual server
 | WAP | Requests the URL specified in the Send setting, and finds the string specified in the Recv setting somewhere in the data returned by the URL response. | pool member, server, virtual server
 | WMI | Checks the performance of a pool, pool member, or virtual server that is running the Windows Management Infrastructure (WMI) data collection agent and then dynamically load balances traffic accordingly. | node, pool member, virtual server
Table 11.1 Monitor types available on a Global Traffic Manager
Configuring Monitors
Paths
Local DNS
The Global Traffic Manager also contains persistence records. A persistence
record provides information on network load balancing when the
persistence option is enabled for a given pool or virtual server. This option
ensures that the system sends name resolution requests from the same source
within a given session to the same resource on your network.
The Global Traffic Manager gathers statistics through a software component
called the big3d agent. This agent probes the various monitors that you
assign to your network components, and returns statistics based on those
monitors. The gtmd utility manages those monitors, determining when to
probe and when to time out the probe attempts.
Statistics are often paired with metrics collection; however, the two have
different roles. Statistics pertain to a broad set of data that focuses on how
often a given set of resources are used and how well those resources are
performing. Metrics collection, on the other hand, focuses specifically on
data that relates to overall communication between the Global Traffic
Manager and a Local DNS. Unlike statistics, metrics collection is designed
to provide performance data, as opposed to usage or historical data. See
Chapter 13, Collecting Metrics, for more information on metrics.
Accessing statistics
You can access Global Traffic Manager statistics in two ways:
Through the Statistics option on the Main tab of the navigation pane
Through the Statistics menu from various main screens for different
components
Both methods take you to the same screen within the Global Traffic
Manager. When you access statistics through a menu on the main screen for
a given network component, the Statistics screen is pre-configured for the
given network element, although you can switch to a different set of
statistics at any time.
Additionally, you can use the search feature to locate a specific component
or group of components. The default search value is an asterisk (*), which
instructs the system to display all relevant components in a list. You can
type a string in the box, and when you click the Search button, the system
modifies the list to show only those components that match the string. For
more information about how the search feature works, see Locating a
component using the search feature, on page 2-6.
Tip
You can also access statistics from the command line using the tmsh
command show. For more information about viewing statistics using tmsh,
see the Traffic Management Shell (tmsh) Reference Guide.
To access statistics through the Main tab
1. On the Main tab of the navigation pane, expand Overview and click
Statistics.
The Statistics screen opens.
2. On the menu bar, click Global Traffic.
The Statistics screen for Global Traffic opens.
3. From the Statistics Type list, select the type of statistics you want
to view.
These statistics are described in later sections of this chapter.
4. Select the data format in which you want to view the statistics:
If you select Normalized, the Global Traffic Manager rounds the
data to the nearest digit.
If you select Unformatted, the Global Traffic Manager displays
the exact value to as many decimal places as the value requires.
5. From the Auto Refresh list, select the frequency at which the
Global Traffic Manager refreshes data on the screen.
If you select Disabled from this list, the system does not refresh the
screen; instead, you can click the Refresh button to update the
screen with the latest statistical data.
Viewing Statistics
. iRules are code snippets that are based on TCL 8.4. These snippets allow you a
great deal of flexibility in managing your global network traffic.
If you are familiar with the Local Traffic Manager, you might already be
aware of and use iRules to manage your network traffic on a local level. The
iRules in the Global Traffic Manager share a similar syntax with their Local
Traffic Manager counterparts, but support a different set of events and
objects.
Due to the dynamic nature of iRules development, the following sections
focus on providing an overview of iRule operations and describe the events
and commands specific to the Global Traffic Manager. For additional
information on how to write iRules, visit the F5 DevCentral web site:
http://devcentral.f5.com. At this site, you can learn more about iRules
development, as well as discuss iRules functionality with others.
What is an iRule?
An iRule is a script that you write if you want individual connections to
target a pool other than the default pool defined for a virtual server. iRules
allow you to more directly specify the pools to which you want traffic to be
directed. Using iRules, you can send traffic not only to pools, but also to
individual pool members or hosts.
The iRules you create can be simple or sophisticated, depending on your
content-switching needs. Figure 15.1 shows an example of a simple iRule.
This iRule is triggered when a DNS request has been detected, causing the
Global Traffic Manager to send the packet to the pool my_pool, if the IP
address of the local DNS making the request matches 10.10.10.10.
iRules can direct traffic not only to specific pools, but also to individual pool
members, including port numbers and URI paths, either to implement
persistence or to meet specific load balancing requirements.
when DNS_REQUEST {
    if { [IP::addr [IP::client_addr] equals 10.10.10.10] } {
        pool my_pool
    }
}
Figure 15.1 Example of an iRule
The syntax that you use to write iRules is based on the Tool Command
Language (Tcl) programming standard. Thus, you can use many of the
standard Tcl commands, plus a set of extensions that the Global Traffic
Manager provides to help you further increase load balancing efficiency.
For information about standard Tcl syntax, see the Tcl Reference Manual at
http://tmml.sourceforge.net/doc/tcl/index.html.
Creating iRules
You can create an iRule using the Configuration utility.
To create an iRule
1. On the Main tab of the navigation pane, expand Global Traffic and
click iRules.
The iRules screen opens.
2. Click the Create button.
3. In the Name box, type a 1- to 31-character name.
4. In the Definition box, type the syntax for your iRule.
5. If you want to expand the length of the Definition box, check
Extend Text Area. Also, if you want the contents of the iRule to
wrap within the box, check Wrap Text.
6. Click the Finished button to save your changes.
For detailed syntax information on writing iRules, see pages 15-4 through
15-9.
systems.
Collecting path data and server performance metrics
A big3d agent collects the following types of performance information that
the system uses for load balancing. The big3d agent broadcasts this
information to all Global Traffic Manager systems in your network.
Network path round trip time
The big3d agent calculates the round trip time for the network path
between the agent's data center and the client's LDNS server that is
making the resolution request. The Global Traffic Manager uses round
trip time to determine the best virtual server to answer the request when a
pool uses a dynamic load balancing mode, such as Round Trip Time, or
Quality of Service.
Network path packet loss
The big3d agent calculates the packet completion percentage for the
network path between the agent's data center and the client's LDNS
server that is making the resolution request. The Global Traffic Manager
uses the packet completion rate to determine the best virtual server to
answer the request when a wide IP or pool uses either the Completion
Rate or the Quality of Service load balancing modes.
Router hops along the network path
The big3d agent calculates the number of intermediate system transitions
(router hops) between the agent's data center and the client's LDNS
server. The Global Traffic Manager uses hops to determine the best
virtual server to answer the request when a pool uses the Hops or the
Quality of Service load balancing modes.
Server performance
The big3d agent returns server metrics, such as the packet rate, for
BIG-IP systems or SNMP-enabled hosts. The Global Traffic Manager
uses packet rate to determine the best virtual server to answer the request
when a pool uses the Packet Rate, KBPS, Least Connections, or Quality
of Service load balancing modes.
Virtual server availability and performance
The big3d agent queries virtual servers to verify whether they are up and
available to receive connections, and uses only those virtual servers that
are up for load balancing. The big3d agent also determines the number
of current connections to virtual servers that are defined on BIG-IP
systems or SNMP-enabled hosts. The Global Traffic Manager uses the
number of current connections to determine the best virtual server when
a pool uses the Least Connections or VS Capacity load balancing mode.
routers: allow establish)
LDNS   big3d  TCP               53     >1023  Replies using TCP (Cisco routers: allow establish)
big3d  LDNS   UDP               53     33434  Probe using UDP or traceroute utility
LDNS   big3d  ICMP              N/A    N/A    Replies to ICMP, UDP pings, or traceroute probes
big3d  LDNS   dns_rev, dns_dot  >1023  53     Probe using DNS rev or DNS dot
LDNS   big3d  dns_rev, dns_dot  53     >1023  Replies to DNS rev or DNS dot probes
Table A.4 Communications between big3d agents and local DNS servers
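The following check is an added example, not part of the F5 guide: it compares a firewall allow list against the flows that survive in Table A.4 and reports any probe or reply flow the policy does not fully permit. It assumes the table columns are from, to, protocol, from port, to port (the header row is not on this page); the sample policy and the rule tuple format are constructed for illustration.

```python
# Flows from Table A.4 as they survive on the page (the first row is cut off
# and left out). Assumed column order: from, to, protocol, from port, to port.
REQUIRED = [
    ("LDNS", "big3d", "TCP", "53", ">1023"),
    ("big3d", "LDNS", "UDP", "53", "33434"),
    ("LDNS", "big3d", "ICMP", "N/A", "N/A"),
    ("big3d", "LDNS", "dns_rev/dns_dot", ">1023", "53"),
    ("LDNS", "big3d", "dns_rev/dns_dot", "53", ">1023"),
]

def port_range(cell):
    """Turn a port cell ('53', '>1023', '1024-65535', 'N/A') into (low, high)."""
    if cell in ("N/A", "any"):
        return (0, 65535)
    if cell.startswith(">"):
        return (int(cell[1:]) + 1, 65535)
    if "-" in cell:
        low, high = cell.split("-")
        return (int(low), int(high))
    return (int(cell), int(cell))

def covers(rule, flow):
    """True if an allow rule permits every port the required flow may use."""
    if rule[:3] != flow[:3]:
        return False
    for rule_cell, flow_cell in zip(rule[3:], flow[3:]):
        r_lo, r_hi = port_range(rule_cell)
        f_lo, f_hi = port_range(flow_cell)
        if not (r_lo <= f_lo and f_hi <= r_hi):
            return False
    return True

def uncovered(policy, required=REQUIRED):
    """Return the required flows that no single rule in the policy covers."""
    return [f for f in required if not any(covers(r, f) for r in policy)]

# Constructed sample policy: no ICMP rule, and a reply rule that is too narrow.
POLICY = [
    ("big3d", "LDNS", "UDP", "any", "33434"),
    ("big3d", "LDNS", "dns_rev/dns_dot", "1024-65535", "53"),
    ("LDNS", "big3d", "dns_rev/dns_dot", "53", "32768-65535"),
    ("LDNS", "big3d", "TCP", "53", ">1023"),
]

if __name__ == "__main__":
    for flow in uncovered(POLICY):
        print("not permitted:", flow)
```

A missing reply direction is the usual finding: the probe leaves, the answer is dropped, and the path metrics for that LDNS never populate.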
B
Understanding Probes
Introducing probes
Understanding iQuery
Determining probe responsibility
Selecting a big3d agent
Designating a specific server
Managing LDNS probes
Using log entries to tune probes