version 9.4
MAN-0240-00
Service and Support Information
Product Version
This manual applies to product version 9.4 of the BIG-IP® Global Traffic Manager.
Publication Date
This manual was published on May 3, 2010.
Legal Notices
Copyright
Copyright 1998-2010, F5 Networks, Inc. All rights reserved.
F5 Networks, Inc. (F5) believes the information it furnishes to be accurate and reliable. However, F5
assumes no responsibility for the use of this information, nor any infringement of patents or other rights of
third parties which may result from its use. No license is granted by implication or otherwise under any
patent, copyright, or other intellectual property right of F5 except as specifically described by applicable
user licenses. F5 reserves the right to change specifications at any time without notice.
Trademarks
F5, F5 Networks, the F5 logo, BIG-IP, 3-DNS, iControl, Internet Control Architecture, IP Application
Switch, iRules, OneConnect, Packet Velocity, SYN Check, Control Your World, ZoneRunner, uRoam,
FirePass, TrafficShield, Swan, WANJet, WebAccelerator, and TMOS are registered trademarks or
trademarks, and Ask F5 is a service mark, of F5 Networks, Inc. in the U.S. and certain other countries. All
other trademarks mentioned in this document are the property of their respective owners. F5 Networks'
trademarks may not be used in connection with any product or service except as permitted in writing by
F5.
Patents
This product is protected by U.S. Patents 6,374,300; 6,473,802; 6,970,933. Other patents pending.
RF Interference Warning
This is a Class A product. In a domestic environment this product may cause radio interference, in which
case the user may be required to take adequate measures.
FCC Compliance
This equipment has been tested and found to comply with the limits for a Class A digital device pursuant
to Part 15 of FCC rules. These limits are designed to provide reasonable protection against harmful
interference when the equipment is operated in a commercial environment. This unit generates, uses, and
can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual,
may cause harmful interference to radio communications. Operation of this equipment in a residential area
is likely to cause harmful interference, in which case the user, at his own expense, will be required to take
whatever measures may be required to correct the interference.
Any modifications to this device, unless expressly approved by the manufacturer, can void the user's
authority to operate this equipment under part 15 of the FCC rules.
Standards Compliance
This product conforms to the IEC, European Union, ANSI/UL and Canadian CSA standards applicable to
Information Technology products at the time of manufacture.
Acknowledgments
This product includes software developed by Gabriel Forté.
This product includes software developed by Bill Paul.
This product includes software developed by Jonathan Stone.
This product includes software developed by Manuel Bouyer.
This product includes software developed by Paul Richards.
This product includes software developed by the NetBSD Foundation, Inc. and its contributors.
This product includes software developed by the Politecnico di Torino, and its contributors.
This product includes software developed by the Swedish Institute of Computer Science and its
contributors.
This product includes software developed by the University of California, Berkeley and its contributors.
This product includes software developed by the Computer Systems Engineering Group at the Lawrence
Berkeley Laboratory.
This product includes software developed by Christopher G. Demetriou for the NetBSD Project.
This product includes software developed by Adam Glass.
This product includes software developed by Christian E. Hopps.
This product includes software developed by Dean Huxley.
This product includes software developed by John Kohl.
This product includes software developed by Paul Kranenburg.
This product includes software developed by Terrence R. Lambert.
This product includes software developed by Philip A. Nelson.
This product includes software developed by Herb Peyerl.
This product includes software developed by Jochen Pohl for the NetBSD Project.
This product includes software developed by Chris Provenzano.
This product includes software developed by Theo de Raadt.
This product includes software developed by David Muir Sharnoff.
This product includes software developed by SigmaSoft, Th. Lockert.
This product includes software developed for the NetBSD Project by Jason R. Thorpe.
This product includes software developed by Jason R. Thorpe for And Communications,
http://www.and.com.
This product includes software developed for the NetBSD Project by Frank Van der Linden.
This product includes software developed for the NetBSD Project by John M. Vinopal.
This product includes software developed by Christos Zoulas.
This product includes software developed by the University of Vermont and State Agricultural College and
Garrett A. Wollman.
In the following statement, "This software" refers to the Mitsumi CD-ROM driver: This software was
developed by Holger Veit and Brian Moore for use with "386BSD" and similar operating systems.
"Similar operating systems" includes mainly non-profit oriented systems for research and education,
including but not restricted to "NetBSD," "FreeBSD," "Mach" (by CMU).
This product includes software developed by the Apache Group for use in the Apache HTTP server project
(http://www.apache.org/).
This product includes software licensed from Richard H. Porter under the GNU Library General Public
License (© 1998, Red Hat Software), www.gnu.org/copyleft/lgpl.html.
This product includes the standard version of Perl software licensed under the Perl Artistic License (©
1997, 1998 Tom Christiansen and Nathan Torkington). All rights reserved. You may find the most current
standard version of Perl at http://www.perl.com.
This product includes software developed by Jared Minch.
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit
(http://www.openssl.org/).
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).
This product contains software based on oprofile, which is protected under the GNU Public License.
1
Introducing the Global Traffic Manager
Introducing the BIG-IP system
Introducing the Global Traffic Manager
Overview of Global Traffic Manager Resources
Internet protocol and network management support
Security features
Configuration scalability
System synchronization options
Configuring data collection for server status and network path data
Redundant system configurations
Monitoring the Global Traffic Manager and the network
Using the Configuration Guide
Additional information
Introducing the Configuration utility
Configuration utility components
Browser support
Stylistic conventions in this document
Using the solution examples
Identifying new terms
Identifying references to products
Identifying references to objects, names, and commands
Identifying references to other documents
Identifying command syntax
Finding help and technical support resources
2
Setting up the Global Traffic Manager
Introducing the Global Traffic Manager setup tasks
Defining the Global Traffic Manager
Establishing system communications
Defining the systems in the Global Traffic Manager
Running the gtm_add utility
Running the big3d_install utility
Running the bigip_add utility
Configuring synchronization settings
Defining NTP servers
Activating synchronization
Controlling file synchronization
Synchronizing DNS zone files
Creating synchronization groups
Configuring auto-discovery
Enabling auto-discovery
Setting the discovery frequency
Configuring global monitor behavior
Assigning a heartbeat interval
Determining the number of monitor queries
Monitoring disabled resources
3
Reviewing Global Traffic Manager Components
Introducing Global Traffic Manager components
Reviewing physical components
Data centers
Servers
Links
Virtual servers
Reviewing logical components
Listeners
Wide IPs
Pools
Distributed applications
4
Working with Listeners
Introducing listeners
Creating a listener for local resolution
Configuring listeners for traffic forwarding
Configuring a wildcard listener
Modifying listeners
Deleting listeners
Using listeners with VLANs
Setting up a listener for all VLANs
Enabling a listener for specific VLANs
Disabling a listener for specific VLANs
Understanding listeners: an example
5
Defining the Physical Network
Introducing physical network components
Managing data centers
Configuring data centers
Modifying data centers
Deleting data centers
Enabling and disabling data centers
Managing servers
Defining BIG-IP systems
Defining load balancing servers
Defining host servers
Assigning monitors to servers
Setting limit thresholds
Discovering resources automatically
Managing virtual servers
Adding virtual servers manually
Modifying virtual servers
Removing virtual servers
Managing links
Defining links
Adding and removing routers
Assigning monitors to links
Configuring link weighting and billing properties
Table of Contents
6
Defining the Logical Network
Introducing logical network components
Understanding logical components
Setting up pools
Defining pools
Adding virtual servers to pools
Removing virtual servers from pools
Organizing virtual servers within pools
Weighting virtual servers within pools
Disabling and enabling pools
Setting up wide IPs
Defining wide IPs
Adding pools to wide IPs
Removing pools from wide IPs
Organizing pools within wide IPs
Weighting pools within wide IPs
Disabling and enabling wide IPs
Incorporating iRules
Implementing the noerror response for IPv6 resolution
Setting up distributed applications
Defining distributed applications
Adding wide IPs to distributed applications
Removing wide IPs from distributed applications
Setting dependencies for distributed applications
Enabling and disabling distributed application traffic
Enabling persistent connections
7
Load Balancing with the Global Traffic Manager
Understanding load balancing on the Global Traffic Manager
Using static load balancing modes
Drop Packet mode
Fallback IP
Global Availability mode
None mode
Ratio mode
Return to DNS mode
Round Robin mode
Static Persist mode
Topology mode
Using dynamic load balancing modes
Types of dynamic load balancing modes
Implementing the Quality of Service load balancing mode
Using the Dynamic Ratio option
Configuring load balancing
Configuring load balancing methods for wide IPs
Configuring load balancing methods for pools
Using the fallback load balancing method
Configuring the fallback load balancing method
Employing additional load balancing options
8
Managing Connections
Introducing connection management
Determining resource health
Determining resource availability
Establishing limit settings
Using monitors to determine availability
Managing dependencies for virtual servers
Resuming connections to resources
Establishing persistent connections
Draining persistent requests
Setting the last resort pool
9
Working with Topologies
Overview of topologies
Understanding topologies
Implementing topologies
Setting up and removing topology records
Removing topology records
Using topology load balancing in a wide IP
Using topology load balancing in a pool
Understanding user-defined regions
Other load balancing options for topologies
10
Configuring Monitors
Introducing monitors
Summary of monitor types
Overview of monitor settings
Understanding pre-configured and custom monitors
Creating a custom monitor
Configuring monitor settings
Simple monitors
Extended Content Verification (ECV) monitors
External Application Verification (EAV) monitors
Special configuration considerations
Setting destinations
Using transparent and reverse modes
Associating monitors with resources
Types of monitor associations
Managing monitors
Displaying monitor settings
Deleting monitors
Enabling and disabling monitor instances
11
Viewing Statistics
Introducing statistics
Accessing statistics
Viewing the Status Summary screen
Understanding the types of statistics
Distributed application statistics
Wide IP statistics
Pool statistics
Data center statistics
Link statistics
Server statistics
Virtual server statistics
Paths statistics
Local DNS statistics
Understanding persistence records
12
Collecting Metrics
Introducing metrics collection
Defining metrics
Assigning probes to local domain name servers
Configuring TTL and timer values
Excluding LDNS servers from probes
Removing LDNS servers from the address exclusion list
13
Managing iRules
Introducing iRules for the Global Traffic Manager ............................................................... 13-1
What is an iRule? ................................................................................................................ 13-1
Creating iRules ............................................................................................................................. 13-2
Assigning iRules ............................................................................................................................ 13-3
Controlling iRule evaluation ...................................................................................................... 13-4
Specifying events ................................................................................................................. 13-4
Using the when keyword .................................................................................................. 13-4
Listing iRules on wide IPs .................................................................................................. 13-5
Using statement commands ....................................................................................................... 13-6
Using wide IP commands ........................................................................................................... 13-7
Using utility commands ............................................................................................................... 13-8
Parsing and manipulating content .................................................................................... 13-8
Ensuring data integrity ....................................................................................................... 13-8
Retrieving resource information ..................................................................................... 13-9
Using protocol commands ......................................................................................................... 13-9
IP commands ........................................................................................................................ 13-9
TCP commands ................................................................................................................. 13-10
UDP commands ................................................................................................................ 13-10
Removing iRules ......................................................................................................................... 13-11
14
Managing DNS Files with ZoneRunner
Introducing ZoneRunner ............................................................................................................ 14-1
Working with DNS and BIND ........................................................................................ 14-1
Understanding ZoneRunner tasks .................................................................................. 14-1
Working with zone files ............................................................................................................. 14-2
Types of zone files .............................................................................................................. 14-2
Creating zone files .............................................................................................................. 14-2
Importing zone files ............................................................................................................ 14-7
Modifying zones ................................................................................................................... 14-9
Deleting zones ................................................................................................................... 14-10
Working with resource records ............................................................................................ 14-11
Types of resource records ............................................................................................. 14-11
Creating resource records ............................................................................................. 14-12
Modifying a resource record .......................................................................................... 14-17
Working with views .................................................................................................................. 14-18
Adding views ...................................................................................................................... 14-19
Modifying views ................................................................................................................. 14-19
Deleting views ................................................................................................................... 14-20
Adding zones to views ..................................................................................................... 14-20
Managing the named.conf file .................................................................................................. 14-22
A
Working with the big3d Agent
Introducing the big3d agent .........................................................................................................A-1
Collecting path data and server performance metrics ..........................................................A-2
Setting up data collection with the big3d agent .............................................................A-2
Understanding the data collection and broadcasting sequence .................................A-3
Setting up communication between Global Traffic Managers and other servers ...........A-5
Setting up iQuery communications for the big3d agent ..............................................A-5
Allowing iQuery communications to pass through firewalls .....................................A-5
Communications between Global Traffic Managers, big3d agents, and
local DNS servers .................................................................................................................A-6
B
Understanding Probes
Introducing probes ........................................................................................................................ B-1
Understanding iQuery .................................................................................................................. B-2
Determining probe responsibility .............................................................................................. B-3
Selecting a big3d agent .................................................................................................................. B-5
Designating a specific server ....................................................................................................... B-7
Managing LDNS probes ................................................................................................................ B-8
Glossary
Index
1
Introducing the Global Traffic Manager
The following is a list of the resources that the Global Traffic Manager
manages:
◆ Virtual server
A virtual server is a collection of IP addresses and port combinations
that, together, provide access to an application or data source on your
network. These collections are called virtual servers because they might
span more than one physical machine, or might be a subset of available
ports on a single machine.
◆ Server
A server is a physical device that manages one or more virtual servers.
An example of a server is the Local Traffic Manager; however, the
Global Traffic Manager can manage other server types as well, such as a
Windows 2000 Server.
◆ Listener
To manage your network traffic, the Global Traffic Manager also
requires that you configure an additional resource: a listener. A listener
instructs the Global Traffic Manager to listen for network traffic destined
for a specific IP address. Listeners are critical for the Global Traffic
Manager; without them, the Global Traffic Manager does not know what
traffic it must manage and what traffic it can safely ignore.
◆ Link
A link is a physical device that connects your network to the rest of the
Internet. Often, links are logically attached to a collection of servers for
managing access to your data sources.
◆ Data center
A data center is a logical collection of both servers and links. Typically,
data centers represent devices that reside in a physical location.
◆ Pool
A pool is a collection of multiple virtual servers. The Global Traffic
Manager uses pools to load balance incoming network traffic among
multiple virtual servers. Pools differ from servers in that a pool
can encompass virtual servers on multiple servers on the network. This
provides you with more significant load balancing granularity, because
you can load balance across multiple pools of virtual servers and then
have the appropriate server load balance across the virtual servers
themselves.
◆ Wide IP
A wide IP is a collection of one or more pools. Through the use of wide
IPs, you can load balance network traffic between multiple pools.
◆ Distributed application
A distributed application is a collection of wide IPs, data centers, and
links, and is the highest-level component that the Global Traffic Manager
supports. You can configure the availability of distributed applications to
be dependent on a specific data center, link, or server. For example, if
you configure a data center to have its availability depend on a link, and
that link goes down, the Global Traffic Manager considers the
application to be unavailable.
Through the configuration of wide IPs and pools, you can use the Global
Traffic Manager to load balance across a collection of resources, while
distributed applications, data centers, and servers give you visibility into the
performance and availability of these sources.
Security features
The Global Traffic Manager offers a variety of security features that can
help prevent hostile attacks on your site or equipment.
◆ Secure administrative connections
The Global Traffic Manager supports Secure Shell (SSH) administrative
connections for remote administration from the command line. The
Configuration scalability
The Global Traffic Manager is a highly scalable and versatile solution. You
can configure the Global Traffic Manager to manage up to several hundred
domain names, including full support of domain name aliases. The Global
Traffic Manager supports a variety of media options, including Fast
Ethernet and Gigabit Ethernet; the Global Traffic Manager also supports
multiple network interface cards that can provide redundant or alternate
paths to the network.
The big3d agent offers a variety of configuration options that allow you to
choose the data collection methods you want to use. For example, you can
configure the big3d agent to track the number of router hops (intermediate
system transitions) along a given network path, and you can also set the
big3d agent to collect host server performance information using the SNMP
protocol. For further details on the big3d agent, refer to Appendix A,
Working with the big3d Agent.
Note
We highly recommend that you first review the BIG-IP® Network and
System Management Guide to familiarize yourself with the basic
functionality of BIG-IP systems, which include Global Traffic Manager
systems.
Additional information
In addition to this guide, there are other sources of documentation you can
use in order to work with the BIG-IP system. The information is contained
in the guides and documents described below. The following printed
documentation is included with the BIG-IP system.
◆ Configuration Worksheet
This worksheet provides you with a place to plan the basic configuration
for the BIG-IP system.
◆ BIG-IP Quick Start Instructions
This pamphlet provides you with the basic configuration steps required
to get the BIG-IP system up and running in the network.
The following guides are available in PDF format from the Ask F5℠ web
site, http://tech.f5.com. These guides are also available from the first Web
page you see when you log in to the administrative web server on the
BIG-IP system.
◆ Platform Guide
This guide includes information about the BIG-IP hardware. It also
contains important environmental warnings.
◆ Installation, Licensing, and Upgrades for BIG-IP Systems
This guide provides detailed information about installing upgrades to the
BIG-IP system. It also provides information about licensing the BIG-IP
system software and connecting the system to a management workstation
or network.
It is important to note that the Global Traffic Manager often co-exists with
other BIG-IP system modules, such as a Local Traffic Manager or a Link
Controller. Consequently, you might see features in the Configuration utility
that are not described in this guide. See Finding help and technical support
resources, on page 1-13 for a list of other guides that will help you learn
about the BIG-IP system.
Browser support
The Configuration utility, which provides web-based access to the Global
Traffic Manager configuration and features, supports the following browser
versions:
• Netscape Navigator 7.1, and other browsers built on the same engine,
such as Mozilla™, FireFox™, and Camino™.
• Microsoft® Internet Explorer®, version 6.x
\      Continue to the next line without typing a line break.
< >    You enter text for the enclosed item. For example, if the command has <your name>, type in your name.
|      Separates parts of a command.
[ ]    Syntax inside the brackets is optional.
...    Indicates that you can type a series of items.
2
Setting up the Global Traffic Manager
• Configuring auto-discovery
Note
You can access the BIG-IP® Network and System Management Guide by
visiting the Ask F5℠ web site: tech.F5.com.
Once you have the basic network settings configured, you can work on
setting up the Global Traffic Manager itself. The setup tasks associated with
the Global Traffic Manager include:
• Defining the Global Traffic Manager
• Establishing communications between the Global Traffic Manager and
other BIG-IP systems
• Configuring synchronization settings
• Configuring global monitoring options
• Controlling DNS queries
Once you complete these tasks, you are ready to work on the configuration
tasks that allow your network to get the full benefit of the features of the
Global Traffic Manager. We recommend you review Chapter 3, Reviewing
Global Traffic Manager Components, which provides an overview of these
configuration tasks and includes links to other sections of this guide that
provide more detailed information.
Protocols iQuery
Protocols SNMP
When you set up the Global Traffic Manager to communicate with external
systems, you must complete one or more of the following tasks:
• Define the systems in the Global Traffic Manager. This task applies
regardless of whether the system is a BIG-IP system, or a third-party
system.
• Run the gtm_add utility. This utility is designed for situations in which
you are installing the system in a network that already has one or more
Global Traffic Managers running.
• Run the big3d_install utility. This utility ensures that the Global Traffic
Manager and other BIG-IP systems use the same version of the big3d
utility, and establishes that these systems are authorized to exchange
information.
• Run the bigip_add utility. If you are certain that the other BIG-IP
systems on the network use the same version of the big3d utility as the
Global Traffic Manager, you can run the bigip_add utility instead of the
big3d_install utility. The bigip_add utility authorizes communications
between the Global Traffic Manager and other BIG-IP systems on the
network.
The script logs in to the specified Global Traffic Manager and acquires its
configuration files, including relevant SSL certificates. You can then add the
Global Traffic Manager to the appropriate synchronization group.
Activating synchronization
Activating synchronization for the Global Traffic Manager has an
immediate effect on its configurations, provided that another Global Traffic
Manager is already available on the network. We recommend that you
activate synchronization after you have finished configuring one of the
systems.
To activate synchronization
1. On the Main tab of the navigation pane, expand System and then
click General Properties.
The general properties screen opens.
2. From the Global Traffic menu, choose General.
The general global properties screen opens.
3. Check the Synchronization check box.
4. Click the Update button to save your changes.
Note
When you change the name of a synchronization group, the new name is
synchronized to all systems that belong to that synchronization group.
Configuring auto-discovery
A large network might consist of hundreds of virtual servers. Keeping track
of these virtual servers can be a time-consuming process itself. The Global
Traffic Manager includes a means of simplifying the addition of new virtual
servers into a network: auto-discovery. Auto-discovery is a process through
which the Global Traffic Manager identifies a resource automatically so you
can manage it.
The Global Traffic Manager can discover two types of resources: virtual
servers and links. Each resource is discovered on a per-server basis, so you
can employ auto-discovery only on the servers you specify.
The auto-discovery feature of the Global Traffic Manager has four modes
that control how the system identifies resources. These modes are:
• Disabled. In this mode, the Global Traffic Manager does not attempt to
discover any resources.
• Enabled. In this mode, the Global Traffic Manager regularly checks the
server to discover any new resources. If a previously-discovered resource
cannot be found, the Global Traffic Manager deletes it from the system.
• Enabled (No Delete). In this mode, the Global Traffic Manager
constantly checks the server to discover any new resources. Unlike the
Enabled mode, the Enabled (No Delete) mode does not delete
resources, even if the system cannot currently verify their presence.
• One Time Discovery. In this mode, the Global Traffic Manager checks
once for any new resources. This mode is useful during the initial
configuration and setup of the Global Traffic Manager.
Note
You interact with the auto-discovery feature in two ways. You can:
• Enable auto-discovery
• Set the discovery frequency
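The difference between the four modes shows most clearly when a server temporarily stops reporting a resource. The following Python model is an added example, not F5 code: `Mode`, `run`, `deletions`, and the sample addresses are hypothetical, and it assumes that One Time Discovery adds new resources without deleting any, which the text above does not state.

```python
from enum import Enum
from typing import NamedTuple


class Mode(Enum):
    DISABLED = "Disabled"
    ENABLED = "Enabled"
    ENABLED_NO_DELETE = "Enabled (No Delete)"
    ONE_TIME = "One Time Discovery"


class Pass(NamedTuple):
    number: int            # 1-based index of the discovery pass
    added: frozenset       # resources newly added to the configuration
    deleted: frozenset     # resources removed because they were not found
    unverified: frozenset  # resources kept although not found this pass


def run(mode, inventory, passes):
    """Apply successive discovery passes to a set of discovered resources.

    inventory: resources already known for one server.
    passes:    what the server reports on each check, in order.
    Returns (final inventory, list of Pass records for auditing).
    """
    inventory = set(inventory)
    log = []
    for number, seen in enumerate(passes, start=1):
        if mode is Mode.DISABLED:
            break  # no discovery is attempted at all
        if mode is Mode.ONE_TIME and number > 1:
            break  # checks once, then stops
        seen = set(seen)
        added = seen - inventory
        missing = inventory - seen
        # Only Enabled deletes a previously discovered resource that cannot
        # be found. One Time Discovery is ASSUMED here not to delete.
        deleted = missing if mode is Mode.ENABLED else set()
        inventory = (inventory | added) - deleted
        log.append(Pass(number, frozenset(added), frozenset(deleted),
                        frozenset(missing - deleted)))
    return inventory, log


def deletions(log):
    """Return (pass number, resource) pairs worth reviewing after a run."""
    return sorted((p.number, r) for p in log for r in p.deleted)


# Constructed sample data (documentation addresses, not from the manual).
VS_A, VS_B, VS_C = "192.0.2.10:80", "192.0.2.11:80", "192.0.2.12:443"
START = {VS_A, VS_B}
PASSES = [
    {VS_A, VS_B, VS_C},  # pass 1: a new virtual server appears
    {VS_A},              # pass 2: two virtual servers are not reported
    {VS_A, VS_B, VS_C},  # pass 3: they are reported again
]

if __name__ == "__main__":
    for mode in Mode:
        final, log = run(mode, START, PASSES)
        print(f"{mode.value}: final={sorted(final)}")
        for p in log:
            print(f"  pass {p.number}: +{sorted(p.added)} "
                  f"-{sorted(p.deleted)} ?{sorted(p.unverified)}")
```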
Enabling auto-discovery
Before you can use the Global Traffic Manager to discover virtual servers or
links, you must enable auto-discovery on the system itself. If you do not
enable auto-discovery, the Global Traffic Manager does not discover new
resources, even if you enable discovery on the server level. Auto-discovery is
enabled by default for the Global Traffic Manager.
To enable auto-discovery
1. On the Main tab of the navigation pane, expand System and then
click General Properties.
The general properties screen opens.
2. From the Global Traffic menu, choose General.
The general global properties screen opens.
3. Check the Auto-Discovery check box.
4. Click the Update button to save your changes.
While monitors supply information you need to ensure that network traffic
moves efficiently across the network, they do so at the cost of increasing
that network traffic. These settings allow you to control this increase.
3
Reviewing Global Traffic Manager
Components
Once this basic configuration is complete, the Global Traffic Manager has
enough information available to direct DNS traffic, although obviously in a
very limited sense. You can increase the system’s capabilities by adding
additional network components as appropriate.
The components that you define in the Global Traffic Manager can be
divided into two basic categories:
• Physical components
• Logical components
Data centers
Data centers are the top level of your physical network setup. You must
configure one data center for each physical location in your global network.
The data center element of your configuration defines the servers (Global
Traffic Managers, Local Traffic Managers, hosts, and routers) that reside at
that location.
A data center can contain any type of server. For example, one data center
could contain a Global Traffic Manager and a host, while another could
contain two Global Traffic Manager systems and eight Local Traffic
Manager systems.
For information about configuring data centers, see Managing data centers,
on page 5-2.
Servers
The data center servers that you define in the network setup include both
BIG-IP systems and third-party servers. One server component that you
must define is the Global Traffic Manager itself, so it knows its place in the
network map. You can also define Local Traffic Managers, and the virtual
servers that these servers manage. Virtual servers are the ultimate
destination for connection requests.
For information about configuring servers, see Managing servers, on page
5-5.
Links
Each data center in your network has at least one connection to the Internet.
Within the Global Traffic Manager, these connections are identified as links.
You can assign as many links to the appropriate data centers as needed.
Configuring links is optional for the Global Traffic Manager, although they
are very useful when determining resource availability.
For information about configuring links, see Managing links, on page 5-21.
Virtual servers
Any server, excluding Global Traffic Managers and Link Controllers,
contains at least one virtual server. A virtual server, in the context of the
Global Traffic Manager, is a specific IP address and port number that points
to a resource on the network. In the case of host servers, this IP address and
port number likely point to the resource itself. With load balancing systems,
such as the Local Traffic Manager, these virtual servers are often proxies
that allow the load balancing server to manage the resource request across a
multitude of resources.
For information about configuring virtual servers, see Managing virtual
servers, on page 5-19.
Listeners
To communicate with the rest of your network, you must configure the
Global Traffic Manager so that it can correctly identify the resolution
requests for which it is responsible. A listener is a resource that instructs the
Global Traffic Manager to listen for requests destined to a specific IP
address. In most installations, the listener you define for the Global Traffic
Manager is the same as its IP address; however, there are many different
ways you can configure listeners so that the Global Traffic Manager handles
DNS traffic correctly.
For more information on configuring listeners, see Chapter 4, Working with
Listeners.
Wide IPs
One of the most common logical components you create in the Global
Traffic Manager is a wide IP. A wide IP maps a domain name to a collection
of pools, and it specifies the load balancing modes that the Global Traffic
Manager uses to select a pool.
Pools
When you define the virtual servers to which the Global Traffic Manager
directs DNS traffic, you will want to combine those virtual servers into
specific groups, or pools. You can then configure the Global Traffic
Manager to direct traffic to a virtual server within a pool using a specific
load balancing method.
One of the important aspects of pools that you must consider is that any
virtual server you add to that pool becomes a pool member. A pool member
is a representation of a virtual server within a pool. This distinction is
important because you can apply monitors, iRules, and other configuration
options to a pool member, and then apply a different set of options to the
same resource as a virtual server.
For more information about configuring pools and pool members, see
Setting up pools, on page 6-3.
Distributed applications
In situations where the Global Traffic Manager is configured with several
wide IPs, you can organize wide IPs that share responsibilities into a
comprehensive whole, or distributed application. A distributed application
is a collection of one or more wide IPs. Through a distributed application,
you can arrange dependencies based on the data centers, servers, and links
that compose each wide IP. For example, if the New York data center goes
offline, this information causes the wide IP and its corresponding distributed
application to become unavailable. Consequently, the Global Traffic
Manager does not send any resolution requests to any of these resources,
until the entire application becomes available again.
For more information about configuring distributed applications, see Setting
up distributed applications, on page 6-18.
4
Working with Listeners
• Introducing listeners
• Modifying listeners
• Deleting listeners
Introducing listeners
Before you can fully configure the Global Traffic Manager to handle name
resolution requests, you must determine how the system integrates within
your existing network. Part of this integration includes identifying what
network traffic is relevant to the Global Traffic Manager and how the
system responds to this traffic. In general, you have two options when
handling traffic with the Global Traffic Manager:
• The Global Traffic Manager receives the traffic, processes it locally, and
sends the appropriate DNS response back to the querying server. Global
Traffic Managers with this configuration are considered to be running in
node mode.
• The Global Traffic Manager receives the traffic and forwards it, either to
another part of the network or another DNS server. Global Traffic
Managers with this configuration are considered to be running in either
bridge mode or router mode, depending on where the system is
forwarding network traffic.
To control how the Global Traffic Manager handles network traffic, you
configure one or more listeners. A listener is a specialized resource that is
assigned a specific IP address and uses port 53, the DNS query port. When
traffic is sent to that IP address, the listener alerts the Global Traffic
Manager, allowing it to handle the traffic locally or forward the traffic to the
appropriate resource.
Tip
If you are familiar with the Local Traffic Manager, it might be helpful to
consider a listener as a specialized type of virtual server that is responsible
for handling traffic for the Global Traffic Manager.
Also, if you configure user accounts using the Local Traffic Manager, you
will find that you can assign listeners, like other virtual servers, to specific
partitions. We do not recommend this practice, as listeners play an
important role in global traffic management. Consequently, we recommend
that you assign all listeners to the Common partition.
You control how the Global Traffic Manager responds to network traffic on
a per-listener basis. For example, a single Global Traffic Manager can be the
authoritative server for one domain, while forwarding other requests to a
separate DNS server. Regardless of how many listeners you configure for
the Global Traffic Manager, the system always manages and responds to
requests for any wide IPs that you have configured on it.
Modifying listeners
After you create a listener, you can access its settings, changing them as
needed. Common instances in which you need to modify a listener include
adding an additional VLAN, or modifying the IP address of the listener.
To modify a listener
1. On the Main tab of the navigation pane, expand Global Traffic and
then click Listeners.
The main listeners screen opens.
2. Click the name of the listener.
The properties screen for that listener appears.
3. Modify the settings for the listener.
4. Click the Update button to save your changes to the listener.
Deleting listeners
In the event that a listener is no longer needed within the Global Traffic
Manager, you can delete it.
To delete a listener
1. On the Main tab of the navigation pane, expand Global Traffic and
then click Listeners.
The main listeners screen opens.
2. Check the Select check box that corresponds to the listener entry.
3. Click the Delete button.
A confirmation screen appears.
4. Click the Delete button to delete the listener.
Note
For more information about BIG-IP systems and VLANs, see the BIG-IP®
Network and System Management Guide.
Once integrated into the network, the Global Traffic Manager will be
responsible for the following:
• Managing and responding to requests for the wide IPs
• Forwarding other DNS traffic to the existing DNS server
• Forwarding any traffic from the guests VLAN to the rest of the network
As you can see from this example, the role the Global Traffic Manager plays
in managing DNS traffic varies depending on the listener through which the
traffic arrives. This results in the Global Traffic Manager becoming a
flexible system for managing DNS traffic in a variety of ways.
5
Defining the Physical Network
• Managing servers
• Managing links
Defining the Physical Network
A data center defines the group of Global Traffic Managers, Local Traffic
Managers, and host systems that reside in a single physical location. Within
the Global Traffic Manager, a data center contains at least one server and
one link. Every resource, whether physical or logical, is associated in some
way with a data center.
A server defines a specific system on the network. A system can be a single
Global Traffic Manager, Local Traffic Manager, or host system. Within the
Global Traffic Manager, a server, with the exception of Global Traffic
Managers and Link Controllers, must also contain at least one virtual server.
A virtual server, in the context of the Global Traffic Manager, is a
combination of IP address and port number that points to a specific resource
on the network.
A link defines a physical connection to the Internet. Links are associated
with one or more routers on the network. The Global Traffic Manager tracks
the performance of links, which in turn can dictate the overall availability of
a given pool, data center, wide IP, or distributed application.
This chapter describes how to define the physical components that make up
your network, including setting up data centers, servers, and links.
You can enable or disable a data center manually, allowing you to remove a
data center temporarily from the Global Traffic Manager’s load balancing
operations; for example, during a maintenance period. When the
maintenance period has ended, you can enable the data center, allowing the
Global Traffic Manager to consider the resources of that data center when
load balancing connection requests.
Managing servers
A server defines a specific system on the network. In the Global Traffic
Manager, servers are not only physical entities that you can change and
modify as needed; they also house the virtual servers that are the ultimate
destinations of name resolution requests. In essence, servers are the core of
the physical components that you manage with the Global Traffic Manager.
The Global Traffic Manager supports three types of servers:
◆ BIG-IP systems
A BIG-IP system can be a Global Traffic Manager (including the current
Global Traffic Manager), a Local Traffic Manager, or a Link Controller.
◆ Third-party load balancing systems
A third-party load balancing system is any system, other than a BIG-IP
system, that supports and manages virtual servers on the network. See
Defining load balancing servers, on page 5-9 for information on how to
define these servers and a list of supported load balancing servers.
◆ Third-party host servers
A third-party host system is any server resource on the network that does
not support virtual servers. See Defining host servers, on page 5-11 for
information on how to define these servers and a list of supported host
servers.
At a minimum, you must set up the following servers on the Global Traffic
Manager:
• The current Global Traffic Manager
• A managed server (either a load balancing server or a host)
This section describes how to set up each server type in your network. The
setup procedures here assume that the servers are up and running in the
network, and that they already have virtual servers defined (if the server
manages virtual servers).
Important
If you have multiple Global Traffic Managers on your network, we
recommend that you define the current Global Traffic Manager first,
followed by any additional systems.
Regardless of whether the Local Traffic Manager shares the same hardware
as the Global Traffic Manager, you should ensure that you have the
following information available before you define the system:
• The self IP addresses and translations of the Local Traffic Manager’s
interfaces
• The IP address and service name or port number of each virtual server
managed by the Local Traffic Manager, only if you do not want to use
auto-configuration to discover the Local Traffic Manager’s virtual
servers
Important
If your installation of the Global Traffic Manager resides on the same
system as a Local Traffic Manager, you define only one BIG-IP server. This
server entry represents both the Global Traffic Manager and Local Traffic
Manager modules.
Note
If your network uses a load balancing server not found on this list, you can
use the Generic Load Balancer option. See Using the generic load balancer
option, on page 5-10.
Note
If your network uses a host server not found on this list, you can use the
Generic Load Balancer option. See Using the generic host server option, on
page 5-12.
If the server is not part of the BIG-IP product family, such as a generic host
server, the available thresholds are:
• CPU
• Memory
• Bits
• Packets
• Current Connections
Note
You can also set limits on virtual server resources. If a server meets or
exceeds its limits, both the server and the virtual servers it manages are
marked as unavailable for load balancing. You can quickly review the
availability of any of your servers or virtual servers in the Statistics screens.
4. For Limit Settings, select Enabled from the list that corresponds to
the threshold you want to use.
A new setting appears.
5. Type the appropriate value for each threshold.
6. Click the Update button to save your changes.
Note
You can also set limits on pool members. If a pool meets or exceeds its
limits, both the pool and the pool members it manages are marked as
unavailable for load balancing. You can quickly review the availability of
any of your pools or pool members in the Statistics screens.
The discovery feature of the Global Traffic Manager supports four settings:
◆ Disabled
When the Discovery setting is set to Disabled, the Global Traffic
Manager does not collect any configuration information from the
relevant system in the network. Instead, you must make all changes to the
configuration manually. This is the default setting.
◆ Enabled
When the Discovery setting is set to Enabled, the Global Traffic Manager
polls the relevant system every 30 seconds to update the configuration
information for those systems. Any changes, additions, or deletions are
then made to the controller's configuration.
◆ Enabled/No Delete
When the Discovery setting is set to Enabled/No Delete, the Global
Traffic Manager polls the relevant system in the network every 30
seconds to update the configuration information for those systems. Any
changes or additions are then made to the controller's configuration. Any
deletions in the configuration are ignored. This setting is helpful if you
want to take systems in and out of service without modifying the Global
Traffic Manager configuration.
◆ One-time Discovery
When the Discovery setting is set to One-time Discovery, the Global
Traffic Manager polls the relevant system once to update the
configuration information for that system. After this initial discovery, the
Global Traffic Manager does not poll the system for changes that might
have occurred. This feature is useful when you are first installing the
Global Traffic Manager on the network and you have a lot of resources
to add in, but do not want to have the discovery feature on continually.
Depending on the server you are configuring, you have two discovery
options available:
• On BIG-IP Systems, specifically Local Traffic Managers, you can enable
discovery for virtual servers and links.
• On load balancing servers, you can enable discovery for virtual servers
only.
Note
The Global Traffic Manager requires that each virtual server have a unique
name. In instances where the autodiscovery process finds two virtual
servers with the same name, it modifies the name by creating a new name
using the pattern, <server name>_<bigip system name>. In the event that
this does not resolve the name conflict, the system appends a number to the
name. For example, <server name>_<bigip system name>_1.
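The following Python model is an added illustration, not F5 code. It shows what one discovery poll does to the stored configuration under each setting, and how the renaming pattern from the note plays out. Assumptions: the dictionaries and sample names are constructed, the first One-time Discovery poll is treated like Enabled, and numbering beyond _1 continues upward.

```python
from typing import Dict, List, Set, Tuple

# Setting names as listed in the manual.
DISABLED = "Disabled"
ENABLED = "Enabled"
NO_DELETE = "Enabled/No Delete"
ONE_TIME = "One-time Discovery"


def apply_poll(config: Dict[str, str], reported: Dict[str, str],
               setting: str, first_poll: bool = True
               ) -> Tuple[Dict[str, str], Dict[str, List[str]]]:
    """Model one discovery poll of a managed system.

    config   -- virtual servers held for that system (name -> ip:port)
    reported -- virtual servers the polled system reports right now
    Returns the resulting config plus a drift report for operator review.
    """
    if setting == DISABLED or (setting == ONE_TIME and not first_poll):
        new = dict(config)            # nothing is collected
    elif setting in (ENABLED, ONE_TIME):
        new = dict(reported)          # changes, additions and deletions
    elif setting == NO_DELETE:
        new = dict(config)
        new.update(reported)          # changes and additions, deletions ignored
    else:
        raise ValueError(f"unknown discovery setting: {setting!r}")

    drift = {
        # still configured although the system no longer reports it
        "stale": sorted(n for n in new if n not in reported),
        # configured, but with a different address than the system reports
        "outdated": sorted(n for n in new
                           if n in reported and new[n] != reported[n]),
        # reported by the system but absent from the configuration
        "missing": sorted(n for n in reported if n not in new),
    }
    return new, drift


def unique_name(vs_name: str, bigip_name: str, taken: Set[str]) -> str:
    """Apply the <server name>_<bigip system name>[_N] renaming pattern."""
    if vs_name not in taken:
        return vs_name
    candidate = f"{vs_name}_{bigip_name}"
    n = 0
    while candidate in taken:         # counting past _1 is an assumption
        n += 1
        candidate = f"{vs_name}_{bigip_name}_{n}"
    return candidate


# Constructed sample data (documentation address range).
CONFIG = {"vs_web": "192.0.2.10:80", "vs_old": "192.0.2.20:80"}
REPORTED = {"vs_web": "192.0.2.11:80", "vs_api": "192.0.2.30:443"}

if __name__ == "__main__":
    for setting in (DISABLED, ENABLED, NO_DELETE, ONE_TIME):
        new, drift = apply_poll(CONFIG, REPORTED, setting)
        print(f"{setting:20} {new} {drift}")
    print(unique_name("vs_web", "ltm2", {"vs_web", "vs_web_ltm2"}))
```

The "stale" list is the one to review under Enabled/No Delete, because entries removed on the managed system stay in the configuration until someone deletes them by hand.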
2. Click the name of the server for which you want to discover virtual
servers.
The properties screen for that server appears.
3. On the menu bar, click Virtual Servers.
The virtual servers screen opens.
4. From the Virtual Server Discovery list, select the appropriate
setting.
If you select Disabled, the virtual server list appears, which
provides options for adding virtual servers manually.
5. Click the Update button to save your changes.
To discover links
You can enable discovery for links only on BIG-IP systems.
1. On the Main tab of the navigation pane, expand Global Traffic and
click Servers.
The main screen for servers opens.
2. Click the name of the server for which you want to discover links.
The properties screen for that server opens.
3. On the menu bar, click Virtual Servers.
The virtual servers screen opens.
4. From the Link Discovery option, select the appropriate setting.
5. Click the Update button to save your changes.
Note
When you add virtual servers to the Global Traffic Manager, you must
ensure that each virtual server has a unique name.
Managing links
A link defines a physical connection to the Internet that is associated with
one or more routers on the network. When you configure the links that you
want to load balance in the Global Traffic Manager, you add a link entry
into the Global Traffic Manager and associate one or more routers with
that entry. In addition, you can also configure monitors to check certain
metrics associated with the link, and modify how the Global Traffic
Manager selects a link for network traffic.
You can interact with links in the Global Traffic Manager in a variety of
ways. You can:
• Define a link
• Add routers to a link
• Assign monitors to a link
• Configure link weighting and billing properties
Defining links
Before you can load balance inbound and outbound traffic, you must
configure the basic link properties. The following procedure describes how
to configure the basic properties of a link.
To configure a link
1. On the Main tab of the navigation pane, expand Global Traffic and
click Links.
The main screen for links opens.
2. In the Name box, type a name that identifies the link.
3. For Router Address List, add the router address of the link.
To add the router address, type the address in the Address box, and
then click Add. You can add more than one address to any given
link, depending on how that server interacts with the rest of your
network.
4. From the Data Center list, select the appropriate data center.
A link must be associated with a data center.
5. Configure the other link options as needed.
For detailed information on these options, see the online help.
6. Click the Create button to create the link.
Important
You can use either the price weighting option or the ratio weighting option
to load balance your link traffic for all of your links. You cannot use both
options. Regardless of which weighting option you use, you must use the
same weighting option for all links.
6
Defining the Logical Network
• Setting up pools
Note
If one of these virtual servers was managed by a load balancing server, the
IP address and port number would likely point to a proxy on which the load
balancing server listened for connection requests. In that case, the load
balancing server would manage the connection to the appropriate resource.
Setting up pools
A pool represents one or more virtual servers that share a common role on
the network. A virtual server, in the context of the Global Traffic Manager,
is a combination of IP address and port number that points to a specific
resource on the network.
The Global Traffic Manager considers any virtual servers that you add to a
pool to be pool members. A pool member is a virtual server that has specific
attributes that pertain to the virtual server only in the context of that pool.
Through this differentiation, you can customize settings, such as thresholds,
dependencies, and health monitors, for a given virtual server on a per-pool
basis.
As an example of the difference between pool members and virtual servers,
consider the fictional company SiteRequest. In the London data center, the
IT team has a virtual server that acts as a proxy for a Local Traffic Manager.
This virtual server provides the main resources for name resolution requests
for the company’s main Web page that originate from Europe. This same
virtual server provides backup resources for name resolution requests that
originate from the United States. Because these are two distinctly different
roles, the virtual server is a pool member in two different pools. This
configuration allows the IT team to customize the virtual server for each
pool to which it belongs, without modifying the actual virtual server itself.
As described in Chapter 5, Defining the Physical Network, you can add
virtual servers to the Global Traffic Manager only by first defining a server
that represents a physical component of your network. Once you add these
virtual servers, however, you can divide them into as many or as few pools
as needed.
You interact with pools in a variety of ways. You can:
• Define pools
• Add virtual servers to pools
• Remove virtual servers from pools
• Organize virtual servers within pools
• Weight virtual servers within pools
• Disable or enable pools
Defining pools
The first step in working with pools is defining them. The basic definition of
a pool is a name and at least one virtual server. You can expand on this
definition by assigning specific load balancing methods, a fallback IP
address (in the event that the load balancing methods fail to return a valid
virtual server), and one or more health monitors, which use various methods
to determine if the virtual servers within the pool are available.
To define a pool
1. On the Main tab of the navigation pane, expand Global Traffic and
then click Pools.
The main pools screen opens.
2. Click the Create button.
3. In the Name box, type a name for the pool.
4. In the Members area, for Member List, add the virtual servers that
belong to this pool.
Note that a virtual server can belong to more than one pool.
5. Configure the remaining pool settings.
For additional assistance with these settings, please see the online
help.
6. Click the Finished button to save the new pool.
Repeat this process for each pool that you want to create.
6. Click the Finished button to update the pool with the new virtual
server.
Global Traffic Manager to select the first virtual server in the pool until it
reaches capacity or goes offline, at which point it selects the next virtual
server until the first pool becomes available again.
See Chapter 7, Load Balancing with the Global Traffic Manager for more
information on load balancing methods that the Global Traffic Manager
supports.
If you use one of these load balancing methods, you may want to arrange the
order in which virtual servers are listed in a pool at any time. When you
organize your virtual servers in conjunction with these load balancing
methods, you can ensure that your most robust virtual server always
receives resolution requests, while the other virtual servers act as backups in
case the primary virtual server becomes unavailable.
Notice that the total of all the weights in this pool is 100. Each time the
Global Traffic Manager selects this pool, it load balances across all three
virtual servers. Over time, the load balancing statistics for this pool will
appear as follows:
• Virtual server 1: selected 50 percent of the time
• Virtual server 2: selected 25 percent of the time
• Virtual server 3: selected 25 percent of the time
This pattern exists because the weight value, 50, is 50 percent of the total
weight for all virtual servers (100), while the weight value, 25, is 25 percent
of the total.
For information on the Ratio mode and other load balancing methods, see
Chapter 7, Load Balancing with the Global Traffic Manager.
6. In the Ratio box, type a numerical value that represents the weight
of the virtual server as compared to other virtual servers within the
same pool. The higher the value in this setting, the greater the
frequency at which the Global Traffic Manager selects the virtual
server.
7. Click the Add button to add the virtual server, with ratio value, to
the pool.
8. Click the Finished button to save your changes.
To disable a pool
1. On the Main tab of the navigation pane, expand Global Traffic and
then click Pools.
The main pools screen opens.
2. Check the Select box for the pool that you want to disable.
3. Click the Disable button.
After a few seconds, the pool becomes disabled. You can verify that
the pool is disabled by looking at its status icon, located in the
Status column in the table of pools. The status of a disabled pool is a
black square.
To enable a pool
1. On the Main tab of the navigation pane, expand Global Traffic and
then click Pools.
The main pools screen opens.
2. Check the Select check box for the pool that you want to enable.
3. Click the Enable button.
After a few seconds, the pool becomes enabled. The status icon of
the pool, located in the Status column in the table of pools, changes
to reflect the current availability of the pool. For example, a pool
that is enabled and verified as available by the Global Traffic
Manager has a status icon of a green circle.
To define a wide IP
1. On the Main tab of the navigation pane, expand Global Traffic and
then click Wide IPs.
The wide IP screen opens.
2. Click the Create button.
The New Wide IP screen opens.
3. In the Name box, type the fully-qualified domain name for the wide
IP.
4. In the Pools section, use the Pool List option to add the pools that
belong to this wide IP.
Note that a pool can belong to more than one wide IP.
5. Configure the remaining wide IP settings.
For additional assistance with these settings, please see the online
help.
6. Click the Finish button to save the new wide IP.
Repeat this process for each wide IP that you want to create.
◆ The asterisk ( * )
• You can use the asterisk to replace multiple consecutive characters,
with the exception of dots ( . ).
• You can use more than one asterisk in a wide IP name or alias.
• You can use both the question mark and the asterisk in the same wide
IP name or alias.
The following examples are all valid uses of the wildcard characters for the
wide IP name, www.mydomain.net.
• ???.mydomain.net
• www.??domain.net
• www.my*.net
• www.??*.net
• www.my*.*
• ???.my*.*
• *.*.net
• www.*.???
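The sketch below is an added example, not part of the F5 product. It turns the wildcard rules into a matcher and lists which observed query names a wildcard wide IP would answer beyond the names you intended. Assumptions: the asterisk stands for one or more non-dot characters, the question mark stands for exactly one non-dot character (consistent with the examples above), and the observed query names are constructed.

```python
import re
from typing import Iterable, List


def normalize(name: str) -> str:
    """DNS names compare case-insensitively; drop the trailing root dot."""
    return name.rstrip(".").lower()


def compile_wideip(pattern: str) -> "re.Pattern[str]":
    """Translate a wide IP name or alias with ? and * into a regex."""
    out = []
    for ch in normalize(pattern):
        if ch == "*":
            out.append("[^.]+")     # assumption: one or more chars, never a dot
        elif ch == "?":
            out.append("[^.]")      # assumption: exactly one char, never a dot
        else:
            out.append(re.escape(ch))
    return re.compile("".join(out))


def matches(pattern: str, fqdn: str) -> bool:
    """True if the whole query name is covered by the wide IP pattern."""
    return compile_wideip(pattern).fullmatch(normalize(fqdn)) is not None


def unintended_matches(pattern: str, intended: Iterable[str],
                       observed: Iterable[str]) -> List[str]:
    """Observed names the pattern answers that are not on the intended list."""
    allowed = {normalize(n) for n in intended}
    hits: List[str] = []
    for name in observed:
        n = normalize(name)
        if n not in allowed and n not in hits and matches(pattern, n):
            hits.append(n)
    return hits


# The example patterns listed in the manual for www.mydomain.net.
MANUAL_PATTERNS = [
    "???.mydomain.net", "www.??domain.net", "www.my*.net", "www.??*.net",
    "www.my*.*", "???.my*.*", "*.*.net", "www.*.???",
]

# Constructed query names, e.g. as they might be pulled from a DNS query log.
OBSERVED = [
    "www.mydomain.net", "WWW.MyDomain.NET.", "ftp.mydomain.net",
    "www.myotherdomain.net", "mail.partner.net", "www.mydomain.com",
    "a.www.mydomain.net",
]

if __name__ == "__main__":
    for pattern in MANUAL_PATTERNS:
        extra = unintended_matches(pattern, ["www.mydomain.net"], OBSERVED)
        print(f"{pattern:20} also answers: {extra}")
```

Running it against your own query log shows how much wider a pattern such as *.*.net is than the single name it was written for.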
Repeat this process for each pool that you want to add to the wide IP.
Repeat this process for each pool that you want to remove from the wide IP.
Notice that the total of all the weights in this wide IP is 100. Each time the
Global Traffic Manager selects this wide IP, it load balances across all three
pools. Over time, the load balancing statistics for this wide IP will appear as
follows:
• Pool 1: selected 50 percent of the time
• Pool 2: selected 25 percent of the time
• Pool 3: selected 25 percent of the time
This pattern exists because the weight value, 50, is 50 percent of the total
weight for all pools, while the weight value, 25, is 25 percent of the total.
For information on the Ratio mode and other load balancing methods, see
Chapter 7, Load Balancing with the Global Traffic Manager.
To disable a wide IP
1. On the Main tab of the navigation pane, expand Global Traffic and
then click Wide IPs.
The Wide IPs screen opens.
2. Check the Select box for the wide IP that you want to disable.
3. Click the Disable button.
After a few seconds, the wide IP becomes disabled. You can verify
that the wide IP is disabled by looking at its status icon, located in
the Status column in the table of wide IPs. The status of a disabled
wide IP is a black square.
To enable a wide IP
1. On the Main tab of the navigation pane, expand Global Traffic and
then click Wide IPs.
The wide IP screen opens.
2. Check the Select check box for the wide IP that you want to enable.
3. Click the Enable button.
After a few seconds, the wide IP becomes enabled. The status icon
of the wide IP, located in the Status column in the table of wide IPs,
will change to reflect the current availability of the wide IP. For
example, a wide IP that is enabled and verified as available by the
Global Traffic Manager will have a status icon of a green circle.
Incorporating iRules
Wide IPs also support iRules™ for further managing and directing network
traffic. An iRule is a set of one or more Tcl-based expressions that direct
network traffic beyond load balancing operations.
A wide IP does not require iRules to operate effectively. However, iRules
are a powerful mechanism for customizing how the Global Traffic Manager
handles network connection requests.
You can interact with iRules in a variety of ways. You can:
• Add an iRule to a wide IP
• Remove an iRule from a wide IP
• Organize multiple iRules assigned to a wide IP
For information on creating iRules, please see Chapter 13, Managing iRules.
5. Use the iRules List option to select the iRule that you want to
remove and click Remove.
6. Click the Update button to save your changes to the wide IP.
Repeat this process for each iRule that you want to remove from the wide
IP.
Repeat this process until the iRules are listed in the necessary order.
AAAA record. After receiving this response, the client making the request
can re-send the request for the equivalent IPv4 A record instead. Using the
NoError response allows the client to send this request sooner and receive
the name resolution faster.
By default, the Global Traffic Manager does not send a NoError response
when it does not have a AAAA record for a given zone. However, you can
enable this response on a per-wide IP basis.
You can work with distributed applications in a variety of ways. You can:
• Define distributed applications
• Add wide IPs to distributed applications
• Remove wide IPs from distributed applications
• Set dependencies
• Enable and disable distributed application traffic
• Enable persistent connections
4. Use the Member List settings to add the wide IPs that belong to this
distributed application.
Note that a wide IP can belong to only one distributed application.
For more information on wide IPs, see Setting up wide IPs, on page
6-9.
5. Configure the remaining distributed application settings.
For additional assistance with these settings, please see the online
help.
6. Click the Finish button to create the distributed application.
Repeat this process for each distributed application that you want to create.
Note
a wide IP does not delete it from the Global Traffic Manager; it remains
available to the Global Traffic Manager when load balancing connection
requests.
Repeat this process for each wide IP that you want to add to the distributed
application.
7
Load Balancing with the Global Traffic
Manager
For each pool that you manage, the Global Traffic Manager supports three
types of load balancing methods: preferred, alternate, and fallback. The
preferred load balancing method is the load balancing mode that the system
will attempt to use first. If the preferred method fails to provide a valid
resource, the system uses the alternate load balancing method. Should the
alternate load balancing method also fail to provide a valid resource, the
system uses the fallback method.
One of the key differences between the alternate methods and the other two
load balancing methods is that only static load balancing modes are
available from the alternate load balancing list. This limitation exists
because dynamic load balancing modes, by definition, rely on metrics
collected from different resources. If the preferred load balancing mode does
not return a valid resource, it is highly likely that the Global Traffic
Manager was unable to acquire the proper metrics to perform the load
balancing operation. By limiting the alternate load balancing options to
static methods only, the Global Traffic Manager can better ensure that,
should the preferred method prove unsuccessful, the alternate method will
return a valid result.
Note
You can select static and dynamic load balancing modes for the fallback
load balancing method.
Table 7.1 shows a complete list of the supported load balancing modes, and
indicates where you can use each mode in the Global Traffic Manager
configuration. The following sections in this chapter describe how each load
balancing mode works.
Load Balancing mode | Use for wide IP load balancing | Use for preferred method | Use for alternate method | Use for fallback method
Completion Rate X X
Global Availability X X X X
Hops X X
Kilobytes/Second X X
Least Connections X X
None X X
Packet Rate X X X
Quality of Service X X
Ratio X X X X
Return to DNS X X X
Round Robin X X X X
Static Persist X X X
Topology X X X X
CPU X X
Fallback IP X X X
Drop Packet X X X
VS Capacity X X X
The None and Return to DNS load balancing modes are special modes that
you can use to skip load balancing under certain conditions. The other static
load balancing modes perform true load balancing as described in the
following sections.
Note
We recommend that you use the Drop Packet load balancing mode only for
the fallback method. The Global Traffic Manager uses the fallback method
when the preferred and alternate load balancing modes do not provide at
least one virtual server to return as an answer to a query.
Fallback IP
When you specify the Fallback IP mode, the Global Traffic Manager returns
the IP address that you specify as the fallback IP as an answer to the query.
Note that the IP address that you specify is not monitored for availability
before being returned as an answer. When you use the Fallback IP mode,
you can specify a disaster recovery site to return when no load balancing
mode returns an available virtual server. We recommend that you use the
Fallback IP load balancing mode only for the fallback method. The Global
Traffic Manager uses the fallback method when the preferred and alternate
load balancing modes do not provide at least one virtual server to return as
an answer to a query.
None mode
The None load balancing mode is a special mode you can use if you want to
skip the current load balancing method, or skip to the next pool in a multiple
pool configuration. For example, if you set an alternate method to None in a
pool, the Global Traffic Manager skips the alternate method and
immediately tries the load balancing mode specified as the fallback method.
If the fallback method is set to None, and you have multiple pools
configured, the Global Traffic Manager uses the next available pool.
You could also use the mode to limit each pool to a single load balancing
mode. For example, you would set the preferred method in each pool to the
desired load balancing mode, and then you would set both the alternate and
fallback methods to None in each pool. If the preferred method fails, the
None mode in both the alternate and fallback methods forces the Global
Traffic Manager to go to the next pool for a load balancing answer.
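The following Python model is an added illustration, not F5 code. It walks the preferred, alternate and fallback methods across several pools, shows how None skips ahead, and flags an answer that came from a Fallback IP that nothing monitors. Assumptions: Global Availability and Round Trip Time are reduced to simplified stand-ins for one static and one dynamic mode, and the pool names and addresses are constructed.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple


@dataclass
class VirtualServer:
    address: str
    available: bool = True
    rtt_ms: Optional[float] = None   # None: no metric collected for this LDNS


@dataclass
class Pool:
    name: str
    members: List[VirtualServer]
    preferred: str
    alternate: str = "None"
    fallback: str = "None"
    fallback_ip: Optional[str] = None


def global_availability(pool: Pool) -> Optional[str]:
    """Static stand-in: first available member in list order."""
    return next((vs.address for vs in pool.members if vs.available), None)


def round_trip_time(pool: Pool) -> Optional[str]:
    """Dynamic stand-in: needs metrics, so it can fail to give an answer."""
    measured = [vs for vs in pool.members
                if vs.available and vs.rtt_ms is not None]
    return min(measured, key=lambda vs: vs.rtt_ms).address if measured else None


def fallback_ip(pool: Pool) -> Optional[str]:
    """Returned as configured; availability is never checked."""
    return pool.fallback_ip


MODES: Dict[str, Callable[[Pool], Optional[str]]] = {
    "Global Availability": global_availability,
    "Round Trip Time": round_trip_time,
    "Fallback IP": fallback_ip,
    "None": lambda pool: None,       # skip this method
}
DYNAMIC = {"Round Trip Time"}
Step = Tuple[str, str, str, Optional[str]]   # (pool, method, mode, answer)


def resolve(pools: List[Pool]) -> Tuple[Optional[str], List[Step]]:
    """Try preferred, alternate, fallback in each pool, then the next pool."""
    trace: List[Step] = []
    for pool in pools:
        if pool.alternate in DYNAMIC:
            raise ValueError(f"{pool.name}: alternate method must be static")
        for method in ("preferred", "alternate", "fallback"):
            mode = getattr(pool, method)
            answer = MODES[mode](pool)
            trace.append((pool.name, method, mode, answer))
            if answer is not None:
                return answer, trace
    return None, trace


def unmonitored_answer(trace: List[Step]) -> bool:
    """True when the final answer is a Fallback IP."""
    return bool(trace) and trace[-1][2] == "Fallback IP" and trace[-1][3] is not None


def sample_pools(metrics: bool, dr_fallback: str) -> List[Pool]:
    """Constructed input: a primary pool and a disaster recovery pool."""
    rtt = (40.0, 12.0) if metrics else (None, None)
    europe = Pool("europe",
                  [VirtualServer("192.0.2.10", rtt_ms=rtt[0]),
                   VirtualServer("192.0.2.11", rtt_ms=rtt[1])],
                  preferred="Round Trip Time")
    dr = Pool("dr", [VirtualServer("198.51.100.5", available=False)],
              preferred="Global Availability", fallback=dr_fallback,
              fallback_ip="198.51.100.7")
    return [europe, dr]


if __name__ == "__main__":
    answer, trace = resolve(sample_pools(metrics=False, dr_fallback="Fallback IP"))
    for step in trace:
        print(step)
    print("answer:", answer, "| unmonitored:", unmonitored_answer(trace))
```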
Ratio mode
The Ratio load balancing mode distributes connections among a pool of
virtual servers as a weighted round robin. Weighted round robin refers to a
load balancing pattern in which the Global Traffic Manager rotates
connection requests among several resources based on a priority level, or
weight, assigned to each resource. For example, you can configure the Ratio
mode to send twice as many connections to a fast, new server, and only half
as many connections to an older, slower server.
The Ratio load balancing mode requires that you define a ratio weight for
each virtual server in a pool, or for each pool if you are load balancing
requests among multiple pools. The default ratio weight for a server or a
pool is set to 1.
This Hash algorithm orders the pool members in the list differently for each
LDNS that is passing traffic to the system taking into account the specified
CIDR of the LDNS. Thus, while each LDNS (and thus each client)
generally resolves to the same virtual server, the Global Traffic Manager
system distributes traffic across all of the virtual servers.
Note
When the selected virtual server becomes unavailable, the system resolves
requests to another virtual server. When the original virtual server becomes
available again, the system resolves requests to that virtual server.
Topology mode
The Topology load balancing mode allows you to direct or restrict traffic
flow by adding topology records to a topology statement in the
configuration file. When you use the Topology load balancing mode, you
can develop proximity-based load balancing. For example, a client request
in a particular geographic region can be directed to a data center or server
within that same region. The Global Traffic Manager determines the
proximity of servers by comparing location information derived from the
DNS message to the topology records.
This load balancing mode requires you to do some advanced configuration
planning, such as gathering the information you need to define the topology
records. The Global Traffic Manager contains an IP classifier that accurately
maps local DNS servers, so when you create topology records, you can refer
to continents and countries, instead of IP subnets.
See Chapter 9, Working with Topologies, for detailed information about
working with this and other topology features.
CPU mode
The CPU load balancing mode selects the virtual server that currently has
the most CPU processing time available to handle name resolution requests.
Hops mode
The Hops load balancing mode is based on the traceroute utility, and tracks
the number of intermediate system transitions (router hops) between a client
LDNS and each data center. Hops mode selects a virtual server in the data
center that has the fewest router hops from the Local DNS.
Kilobytes/Second mode
The Kilobytes/Second load balancing mode selects a virtual server that is
currently processing the fewest number of kilobytes per second.
Note
You can use the Kilobytes/Second mode only with servers for which the
Global Traffic Manager can collect the kilobytes per second metric.
See Chapter 12, Collecting Metrics, for details on the metrics the Global
Traffic Manager collects.
VS Capacity mode
The VS Capacity load balancing mode creates a list of the virtual servers,
weighted by capacity, then picks one of the virtual servers from the list. The
virtual servers with the greatest capacity are picked most often, but over
time all virtual servers are returned. If more than one virtual server has the
same capacity, then the Global Traffic Manager randomly selects from
among those virtual servers when load balancing connections.
The Quality of Service mode has default settings that make it easy to use:
simply specify Quality of Service as your preferred load balancing mode.
There is no need to configure Quality of Service, but if you want to change
the settings, you can customize the equation to put more or less weight on
each individual factor. The following topics explain how to use and adjust
the various settings.
Note
In the event that one or more resources has an identical score based on the
Quality of Service criteria, the Global Traffic Manager load balances
connections between those resources using the Round Robin methodology. If
the system cannot determine a Quality of Service score, it load balances
connections across all pool members using the Round Robin methodology
as well.
Coefficient | How measured | Default value | Example upper limit | Higher or lower?
If you change the default QOS coefficients, keep the following issues in
mind.
◆ Scale
The raw metrics for each coefficient are not on the same scale. For
example, completion rate is measured in percentages, while the packet
rate is measured in packets per second.
◆ Normalization
The Global Traffic Manager normalizes the raw metrics to values in the
range of 0 to 10. As the QOS value is calculated, a high measurement for
completion rate is good, because a high percentage of completed
connections are being made, but a high value for packet rate is not
desirable because the packet rate load balancing mode attempts to find a
virtual server that is not overly taxed at the moment.
◆ Emphasis
You can adjust coefficients to emphasize one normalized metric over
another. For example, consider the following QOS configuration:
In this configuration, if the completion rates for two virtual servers are
close, the virtual server with the best packet rate is chosen. If both the
completion rates and the packet rates are close, the round trip time (RTT)
breaks the tie. In this example, the metrics for Topology, Hops, Link
Capacity, VS Capacity, and Kilobytes/Second modes are not used in
determining how to distribute connections.
Note
You cannot set a value for both the Round Trip Time and Hops settings
simultaneously. In situations where the Global Traffic Manager has a value
for both settings, the Round Trip Time value is incorporated, while the value
for the Hops setting is reset to 0.
time for memberTwo. Note that, with the Dynamic Ratio option enabled,
both pool members are employed to handle connections, while if the option
is disabled, only one pool member receives connections.
Note
If you do not want the Global Traffic Manager to return an address that is
potentially unavailable, we recommend that you set the fallback load
balancing method to None.
The Global Traffic Manager contains several options that help you control
how the system will respond when using a fallback load balancing setting.
These options allow you to:
• Configure the fallback load balancing method
• Configure the fallback IP load balancing mode
In addition, you can also configure the way the Global Traffic Manager
treats the address exclusion list when using the fallback load balancing
method. The address exclusion list consists of Local Domain Name System
(LDNS) servers that the Global Traffic Manager does not probe for metrics
data. Load balancing modes that use this data include the Round Trip Time,
Completion Rate, and other dynamic modes. With the fallback load
balancing mode, you can determine if the system respects this list or ignores
it.
Note
For additional information on the address exclusion list, see Chapter 12,
Collecting Metrics.
The Ignore Traffic TTL option instructs the Global Traffic Manager to use
path information gathered during metrics collection even if the time-to-live
value for that information has expired. This option is often used when you
want the Global Traffic Manager to continue using a dynamic load
balancing mode even if some metrics data is temporarily unavailable, and
you would prefer the Global Traffic Manager to use old metric data rather than
employ an alternate load balancing method. This option is disabled by
default.
The Verify Virtual Server Availability option instructs the Global Traffic
Manager to verify that a virtual server is available before returning it as a
response to a name resolution request. If this option is disabled, the system
responds to a name resolution request with the virtual server’s IP address
regardless of whether the server is up or down. This option is rarely
deactivated outside of a test or staging environment, and is enabled by
default.
8
Managing Connections
As the preceding list illustrates, the health of a resource does not necessarily
impact the availability of that resource. For example, a virtual server that
has a red status code could still be selected by the Global Traffic Manager.
The following sections describe each of these methods and how you can
configure them within the Global Traffic Manager.
4. For each limit setting you want to configure, select Enabled from
the corresponding list.
The screen refreshes to show a box in which you can type a value
for the limit setting.
5. Type the value for each limit setting in the corresponding box.
6. Click the Update button to save your changes.
You can also assign monitors to a specific server. In most cases, when you
assign a monitor to a server, that monitor checks all virtual servers
associated with that server.
An exception to this guideline is the SNMP monitor. If you assign an SNMP
monitor to a Cisco, Alteon, Extreme, Foundry, or Radware server, that
monitor obtains information on the virtual servers associated with that
server. If you assign the SNMP monitor to any other server type, that
monitor obtains data on the server itself.
For more information on the SNMP monitor, see Chapter 10, Configuring
Monitors.
In cases where you assign a monitor to a virtual server both directly and to
its parent server, the availability information acquired from the monitor
directly assigned to the virtual server takes precedence over any other data.
Note
The Drain Persistent Requests option applies only when you manually
disable the pool. It does not apply when the pool becomes offline for any
other reason.
9
Working with Topologies
• Overview of topologies
Overview of topologies
As the name implies, the Global Traffic Manager handles name resolution
requests at an international level. Consequently, one of the methods you can
employ to load balance requests is through the use of topologies. A topology
is a set of characteristics that identify the origin of a given name resolution
request. In the Global Traffic Manager, topologies belong to one of several
categories, including:
• Continent
• Country
• IP Subnet
• ISP
Understanding topologies
A fictional company, SiteRequest, allows its customers to download
applications from its web site. SiteRequest has three data centers: New
York, Paris, and Tokyo. To ensure that customers can download their
purchased application as quickly as possible, the IT department has decided
to create topologies with which to load balance name resolution requests.
The New York data center is chosen as the designated data center for any
name resolution requests originating in the western hemisphere. To ensure
that these requests go only to the New York data center, the IT department
first creates a custom region, called Western Hemisphere, that contains the
continents North America and South America. With this custom region
created, the next step is to create a topology record for the Global Traffic
Manager. A topology record is a statement that tells the Global Traffic
Manager how to handle name resolution requests based on topologies. In
this case, the IT department creates the record as follows:
• Request Source: Region is Western Hemisphere
• Destination Source: Data Center is New York
• Weight: 10
Implementing topologies
When you want to load balance connection requests using one or more
topologies, you must complete two tasks:
• Configure the given wide IP or pool to use topology as a load balancing
method.
• Access the Topology screen to create your topology statements.
See Setting up and removing topology records, on page 9-3, for more
information.
You can select one of two operators for both a request source and a
destination statement. The is operator indicates that the name resolution
request matches the statement. The is not operator indicates that the name
resolution request does not match the statement.
The last element of a topology record, called the topology score or weight,
allows the Global Traffic Manager to evaluate the best resolution option for
a DNS request. In the event that a name resolution request matches more
than one topology record, the Global Traffic Manager uses the record with
the highest weight attribute to determine which statement it uses to load
balance the request.
Note
Once you select a region member type, you then fill in the details about that
region member and add it to the region member list. The region member
options change based on the region member type that you select. When you
have finished adding region members to your new region, the new region
becomes an option in the Create Topology screen.
To create a region
1. On the Main tab of the navigation pane, expand Global Traffic and
then click Topology.
The main topology screen opens.
2. On the menu bar, click Regions.
The main region screen opens.
3. Click the Create button.
The Create Region screen opens.
4. In the Name box, type a name for the new region.
5. Using the Member List settings, define the appropriate region
members.
6. Click the Create button to create the new region.
The ACL Threshold creates an exclusion list based on the topology record
score of a given name resolution request. If the topology record score is
lower than the value entered into this option, the name resolution request
does not have access to the listed virtual servers. This option is set to 0 by
default, which disables it.
The Longest Match option instructs the Global Traffic Manager to use the
topology statement that most completely matches the source IP address of
the name resolution request. For example, two topology statements exist:
one that matches a source IP address of 10.0.0.0 and one that matches
10.15.0.0. A name resolution request arrives with a source IP address of
10.15.65.8. With the Longest Match setting enabled, the Global Traffic
Manager will use the topology statement with 10.15.0.0 because it has the
longest, and therefore most complete, match. If this option were disabled, the
Global Traffic Manager could use either topology statement, depending on
factors such as the weight of the statement or the order in which the
statements are listed. This option is enabled by default.
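The selection rules this chapter describes (the is and is not operators, the weight, Longest Match, and the ACL Threshold) can be exercised together in a small model. The following Python is an added example, not F5 code: it handles only request sources of type IP Subnet, assumes /8 and /16 masks for the 10.0.0.0 and 10.15.0.0 statements, uses constructed weights and destinations, ranks an is not statement below every is statement, and assumes that with Longest Match disabled the highest weight wins, then list order.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class TopologyRecord:
    subnet: str            # request source of type IP Subnet, CIDR form (assumed)
    destination: str       # destination statement, here a data center name
    weight: int            # topology score
    negate: bool = False   # False is the "is" operator, True is "is not"

    def matches(self, src) -> bool:
        inside = src in ipaddress.ip_network(self.subnet)
        return inside != self.negate

    def specificity(self) -> int:
        # Assumption: an "is not" statement names no covering prefix, so it
        # ranks below every "is" statement when Longest Match compares them.
        return 0 if self.negate else ipaddress.ip_network(self.subnet).prefixlen


# Constructed records; the page gives 10.0.0.0 and 10.15.0.0 without masks.
RECORDS = [
    TopologyRecord("10.0.0.0/8", "New York", weight=50),
    TopologyRecord("10.15.0.0/16", "Paris", weight=10),
    TopologyRecord("10.0.0.0/8", "Tokyo", weight=5, negate=True),
]


def select_record(src_ip: str, records: List[TopologyRecord],
                  longest_match: bool = True,
                  acl_threshold: int = 0) -> Optional[TopologyRecord]:
    """Return the record used for src_ip, or None when nothing applies."""
    src = ipaddress.ip_address(src_ip)
    candidates = [r for r in records if r.matches(src)]
    if not candidates:
        return None
    if longest_match:
        # Most specific prefix wins; weight only separates equal prefixes.
        best = max(candidates, key=lambda r: (r.specificity(), r.weight))
    else:
        # Assumed behaviour when disabled: highest weight, then list order.
        best = max(candidates, key=lambda r: r.weight)
    # ACL Threshold: 0 disables it; otherwise a lower score denies access.
    if acl_threshold and best.weight < acl_threshold:
        return None
    return best


def explain(src_ip: str, **options) -> str:
    """Name the destination chosen for src_ip, or report that access is denied."""
    chosen = select_record(src_ip, RECORDS, **options)
    return chosen.destination if chosen else "no access"


if __name__ == "__main__":
    for opts in ({}, {"longest_match": False}, {"acl_threshold": 20}):
        print("10.15.65.8", opts, "->", explain("10.15.65.8", **opts))
    print("192.0.2.7 ->", explain("192.0.2.7"))
```

In this model a threshold of 20 denies the request that Longest Match steers to the lower-weight 10.15.0.0 record, while the same request is answered when Longest Match is disabled, so the two settings are best reviewed together.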
10
Configuring Monitors
• Introducing monitors
• Managing monitors
Introducing monitors
An important feature of the Global Traffic Manager is a set of load-balancing
tools called monitors. Monitors verify connections on pools and virtual
servers. A monitor can be either a health monitor or a performance monitor.
Monitors are designed to check the status of a pool or virtual server on an
ongoing basis, at a set interval. If a pool or virtual server being checked does
not respond within a specified timeout period, or the status of a pool or
virtual server indicates that performance is degraded, then the Global Traffic
Manager can redirect the traffic to another resource.
Some monitors are included as part of the Global Traffic Manager, while
other monitors are user-created. Monitors that the Global Traffic Manager
provides are called pre-configured monitors. User-created monitors are
called custom monitors. For more information on pre-configured and
custom monitors, see Understanding pre-configured and custom monitors,
on page 10-4.
Before configuring and using monitors, it is helpful to understand some
basic concepts regarding monitor types, monitor settings, and monitor
implementation.
◆ Monitor types
Every monitor, whether pre-configured or custom, belongs to a certain
category, or monitor type. Each monitor type checks the status of a
particular protocol, service, or application. For example, an HTTP type
of monitor allows you to monitor the availability of the HTTP service on
a pool, pool member, or virtual server. An ICMP type of monitor simply
determines whether the status of a resource is up or down. For more
information on monitor types, see Summary of monitor types, on page
10-2, and Configuring monitor settings, on page 10-8.
◆ Monitor settings
Every monitor consists of settings with values. The settings and their
values differ depending on the type of monitor. In some cases, the Global
Traffic Manager assigns default values. For example, the following are
the default values for the ICMP-type monitor:
• Interval: 30 seconds
• Timeout: 120 seconds
• Transparent: No
These settings specify that an ICMP type of monitor is configured to
check the status of an IP address every 30 seconds, and to time out after
120 seconds. For more information on monitor settings, see Overview of
monitor settings, on page 10-4, and Configuring monitor settings, on
page 10-8.
◆ Monitor implementation
The task of implementing a monitor varies depending on whether you are
using a pre-configured monitor or creating a custom monitor. If you want
to implement a pre-configured monitor, you need only associate the
monitor with a pool or virtual server. If you want to implement a custom
monitor, you must first create the custom monitor, and then associate it
Simple ICMP Checks the status of a resource, using Internet Control Message
Protocol (ICMP).
Simple TCP Echo Checks the status of a resource, using Transmission Control
Protocol (TCP).
ECV HTTPS Verifies the Hypertext Transfer Protocol Secure (HTTPS) service by
attempting to receive specific content from a web page protected by
Secure Socket Layer (SSL) security.
EAV BIG IP Link Acquires data captured through monitors managed by a BIG-IP
Link Controller.
EAV External Allows users to monitor services using their own programs.
EAV FTP Verifies the File Transfer Protocol (FTP) service by attempting to
download a specific file to the /var/tmp directory on the system.
Once downloaded successfully, the file is not saved.
EAV LDAP Verifies the Lightweight Directory Access Protocol (LDAP) service
by attempting to authenticate the specified user.
EAV NNTP Verifies the Usenet News protocol (NNTP) service by attempting to
retrieve a newsgroup identification string from the server.
EAV Oracle® Verifies services based on Oracle by attempting to perform an
Oracle login to a service.
EAV POP3 Verifies the Post Office Protocol (POP3) service by attempting to
connect to a pool, pool member, or virtual server, log on as the
specified user, and log off.
EAV RADIUS Verifies the Remote Access Dial-in User Service (RADIUS) service
by attempting to authenticate the specified user.
EAV Real Server Checks the performance of a pool, pool member, or virtual server
that is running the RealServer data collection agent, and then
dynamically load balances traffic accordingly.
EAV SIP Checks the status of Session Initiation Protocol (SIP) Call-ID
services on a device. The SIP protocol enables real-time
messaging, voice, data, and video.
EAV SMTP Checks the status of a pool, pool member, or virtual server by
issuing standard Simple Mail Transport Protocol (SMTP)
commands.
EAV SNMP DCA Checks the current CPU, memory, and disk usage of a pool, pool
member, or virtual server that is running an SNMP data collection
agent, and then dynamically load balances traffic accordingly.
EAV SOAP Tests a Web service based on the Simple Object Access Protocol
(SOAP).
EAV UDP Verifies the User Datagram Protocol (UDP) service by attempting to
send UDP packets to a pool, pool member, or virtual server and
receiving a reply.
EAV WMI Checks the performance of a pool, pool member, or virtual server
that is running the Windows Management Infrastructure (WMI) data
collection agent and then dynamically load balances traffic
accordingly.
Note
Before creating a custom monitor, you must decide on a monitor type. For
information on monitor types, see Configuring monitor settings, on page
10-8.
Simple monitors
Simple monitors are those that check the status of a resource. The simple
monitor types are:
• ICMP
• Gateway ICMP
• TCP Echo
• TCP Half Open
The Global Traffic Manager system provides a set of pre-configured simple
monitors: icmp, gateway_icmp, tcp_echo, and tcp_half_open. You can
either use these pre-configured monitors as is, or create custom monitors of
these types.
The following sections describe each type of simple monitor and show the
pre-configured monitor for each type. Note that each pre-configured monitor
consists of settings and their values.
ICMP
Using an ICMP type of monitor, you can use Internet Control Message
Protocol (ICMP) to make a simple resource check. The check is successful
if the monitor receives a response to an ICMP_ECHO datagram. The
following list shows the settings and their values for the pre-configured
monitor icmp:
• Name: ICMP
• Type: ICMP
• Interval: 30 seconds
• Timeout: 120 seconds
• Transparent: No
• Alias Address: * All Addresses
The Transparent mode is an option for ICMP-type monitors. When you set
this mode to Yes, the monitor pings the resource with which the monitor is
associated. For more information about Transparent mode, refer to Using
transparent and reverse modes, on page 10-35.
Gateway ICMP
A Gateway ICMP type of monitor has a special purpose. You use this
monitor for a pool that implements gateway failsafe for high availability.
A Gateway ICMP monitor functions the same way as an ICMP monitor,
except that you can apply a Gateway ICMP monitor to a pool. (Remember
that you can apply an ICMP monitor to a resource only and not to a pool
member.) The following list shows the settings and their values for the
pre-configured gateway_icmp monitor.
• Name: Gateway ICMP
• Type: Gateway ICMP
• Interval: 30 seconds
• Timeout: 120 seconds
• Transparent: No
• Alias Address: * All Addresses
• Alias Service Port: * All Ports
TCP Echo
With a TCP Echo type of monitor, you can verify Transmission Control
Protocol (TCP) connections. The check is successful if the Global Traffic
Manager receives a response to a TCP Echo message. The TCP Echo type
also supports Transparent mode. In this mode, the resource with which the
monitor is associated is pinged through to the destination resource. (For
more information about Transparent mode, see Using transparent and
reverse modes, on page 10-35.)
To use a TCP Echo monitor type, you must ensure that TCP Echo is enabled
on the resources being monitored. The following list shows the settings for
the pre-configured monitor tcp_echo:
• Name: TCP Echo
• Type: TCP Echo
• Interval: 30 seconds
• Timeout: 120 seconds
• Alias Address: * All Addresses
You can either use the pre-configured ECV monitors as is, or create custom
monitors from these monitor types.
The following sections describe each type of ECV monitor and show the
pre-configured monitor for each type. Note that each pre-configured monitor
consists of settings and their values.
TCP
A TCP type of monitor attempts to receive specific content sent over TCP.
The check is successful when the content matches the Receive String value.
A TCP type of monitor takes a Send String value and a Receive String
value. If the Send String value is blank and a connection can be made, the
service is considered up. A blank Receive String value matches any
response. Both Transparent and Reverse modes are options. For more
information about Transparent and Reverse modes, see Using transparent
and reverse modes, on page 10-35.
The following list shows the settings for the pre-configured monitor tcp:
• Name: tcp
• Type: TCP
• Interval: 30 seconds
• Timeout: 120 seconds
• Send String: "" (empty)
• Receive String: "" (empty)
• Reverse: No
• Transparent: No
• Alias Address: * All Addresses
• Alias Service Port: * All Ports
HTTP
You can use an HTTP type of monitor to check the status of Hypertext
Transfer Protocol (HTTP) traffic. Like a TCP monitor, an HTTP monitor
attempts to receive specific content from a web page, and unlike a TCP
monitor, may send a user name and password. The check is successful when
the content matches the Receive String value. An HTTP monitor uses a
send string, a receive string, a user name, a password, and optional Reverse
and Transparent modes. (If there is no password security, you must use
blank strings [""] for the Username and Password settings.)
For more information on transparent and reverse modes, see Using
transparent and reverse modes, on page 10-35.
The following list shows the settings of the pre-configured monitor http:
• Name: http
• Type: HTTP
• Interval: 30 seconds
• Timeout: 120 seconds
• Send String: Get /
• Receive String: "" (empty)
• User Name: "" (empty)
• Password: "" (empty)
• Reverse: No
• Transparent: No
• Alias Address: * All Addresses
• Alias Service Port: * All Ports
HTTPS
You use an HTTPS type of monitor to check the status of Hypertext
Transfer Protocol Secure (HTTPS) traffic. An HTTPS type of monitor
attempts to receive specific content from a web page protected by SSL
security. The check is successful when the content matches the Receive
String value.
HTTPS-type monitors use a send string, a receive string, a user name, a
password, and an optional Reverse setting. (If there is no password security,
you must use blank strings [""] for the Username and Password settings.)
For more information on the Reverse setting, see Using transparent and
reverse modes, on page 10-35.
HTTPS-type monitors also include the settings Cipher List, Compatibility,
and Client Certificate. If you do not specify a cipher list, the monitor uses
the default cipher list DEFAULT:+SHA:+3DES:+kEDH. When you set
the Compatibility setting to Enabled, this sets the SSL options to ALL.
You use the Client Certificate setting to specify a certificate file that the
monitor then presents to the server.
The following list shows the settings of the pre-configured monitor https:
• Name: https
• Type: HTTPS
• Interval: 30 seconds
• Timeout: 120 seconds
• Send String: Get /
• Receive String: "" (empty)
• Cipher List: "" (empty)
• User Name: "" (empty)
• Password: "" (empty)
• Compatibility: Enabled
• Client Certificate: "" (empty)
• Reverse: No
• Alias Address: * All Addresses
• Alias Service Port: * All Ports
The Reverse setting is an option for monitors that import settings from the
https monitor. In most monitor settings, the Global Traffic Manager
considers the resource available when the monitor successfully probes it.
However, in some cases you may want the resource to be considered
BIG-IP
If you employ the Global Traffic Manager in a network that contains a Local
Traffic Manager, you must assign a BIG-IP monitor to the Local Traffic
Manager. In fact, this monitor is automatically assigned to the Local Traffic
Manager if you do not do so manually.
The BIG-IP monitor gathers metrics and statistics information that the Local
Traffic Manager acquires through the monitoring of its own resources. In
general, it is sufficient to assign only the BIG-IP monitor to a Local Traffic
Manager. In situations where you want to verify the availability of a specific
resource managed by the Local Traffic Manager, we recommend that you
first assign the appropriate monitor to the resource through the Local Traffic
Manager, and then assign a BIG-IP monitor to the Local Traffic Manager
through the Global Traffic Manager. This configuration provides the most
efficient means of tracking resources managed by a BIG-IP system.
The following list shows the settings and default values of a BIG-IP-type
monitor:
• Name: my_bigip
• Type: BIG-IP
• Interval: 30 seconds
• Timeout: 90 seconds
• Probe Interval: 1 second
• Probe Timeout: 1 second
• Probe Attempts: 1
• Minimum Required Successful Attempts: 1
• Alias Address: * All Addresses
• Alias Service Port: * All Ports
Note
If the Global Traffic Manager and the Local Traffic Manager are on the
same machine, you must still assign a BIG-IP monitor to the server that you
added to your configuration that represents the Global Traffic
Manager/Local Traffic Manager system. See Chapter 5, Defining the
Physical Network for more information.
BIG-IP Link
If you employ the Global Traffic Manager in a network that contains a Link
Controller, you must assign a BIG-IP Link monitor to the Link Controller.
In fact, this monitor is automatically assigned to the Link Controller if you
do not do so manually.
The BIG-IP Link monitor gathers metrics and statistics information that the
Link Controller acquires through the monitoring of its own resources.
The following list shows the settings and default values of a BIG-IP
Link-type monitor:
• Name: my_bigip_link
• Type: BIG-IP Link
• Interval: 10 seconds
• Timeout: 30 seconds
• Probe Interval: 1 second
• Probe Timeout: 1 second
• Probe Attempts: 1
• Minimum Required Successful Attempts: 1
• Alias Address: * All Addresses
• Alias Service Port: * All Ports
Note
If the Global Traffic Manager and the Link Controller are on the same
machine, you must still assign a BIG-IP Link monitor to the server that you
added to your configuration that represents the Global Traffic
Manager/Link Controller system. See Chapter 5, Defining the Physical
Network for more information.
External
Using an External type of monitor, you can create your own monitor type.
To do this, you create a custom External-type monitor and within it, specify
a user-supplied monitor to run.
The External Program setting specifies the name of your user-supplied
monitor program. An External-type monitor searches the directory
/user/bin/monitors for that monitor name.
The Arguments setting allows you to specify any command-line arguments
that are required.
The following list shows the settings and default values of an External-type
monitor:
• Name: my_external
• Type: External
• Interval: 30 seconds
• Timeout: 120 seconds
• External Program: "" (empty)
• Arguments: "" (empty)
• Variables: "" (empty)
• Alias Addresses: * All Addresses
• Alias Service Port: * All Ports
FTP
Using an FTP type of monitor, you can monitor File Transfer Protocol
(FTP) traffic. A monitor of this type attempts to download a specified file to
the /var/tmp directory, and if the file is retrieved, the check is successful.
Note
Once the file has been successfully downloaded, the Global Traffic Manager
does not save it.
An FTP monitor specifies a user name, a password, and a full path to the file
to be downloaded.
The following list shows the settings and default values of an FTP-type
monitor:
• Name: my_ftp
• Type: FTP
• Interval: 10 seconds
• Timeout: 31 seconds
• User Name: "" (empty)
• Password: "" (empty)
• Path/Filename: "" (empty)
• Mode: Passive
• Alias Addresses: * All Addresses
• Alias Service Port: * All Ports
• Debug: No
IMAP
With an IMAP type of monitor, you can check the status of Internet
Message Access Protocol (IMAP) traffic. An IMAP monitor is essentially a
POP3 type of monitor with the addition of the Folder setting. The check is
successful if the monitor is able to log into a server and open the specified
mail folder.
An IMAP monitor requires that you specify a user name and password. The
following list shows the settings and default values of an IMAP-type
monitor:
• Name: my_imap
• Type: IMAP
• Interval: 10 seconds
• Timeout: 31 seconds
• User Name: "" (empty)
• Password: "" (empty)
• Folder: INBOX
Note
LDAP
An LDAP type of monitor checks the status of Lightweight Directory
Access Protocol (LDAP) servers. The LDAP protocol implements standard
X.500 for email directory consolidation. A check is successful if entries are
returned for the base and filter specified. An LDAP monitor requires a user
name, a password, and base and filter strings. The following list shows the
settings and default values of an LDAP-type monitor:
• Name: my_ldap
• Type: LDAP
• Interval: 10 seconds
• Timeout: 31 seconds
• User Name: "" (empty)
• Password: "" (empty)
• Base: "" (empty)
• Filter: "" (empty)
• Security: None
• Mandatory Attributes: No
• Alias Addresses: * All Addresses
• Alias Service Port: * All Ports
• Debug: No
MSSQL
You use an MSSQL type of monitor to perform service checks on Microsoft
SQL Server-based services such as Microsoft SQL Server versions 6.5 and
7.0.
The Global Traffic Manager requires installation of a JDBC driver before
performing the actual login. For more information, see the Configuration
Guide for BIG-IP® Local Traffic Management.
If you receive a message that the connection was refused, verify that the IP
address and port number or service are correct. If you are still having login
trouble, see Troubleshooting MSSQL logins, on page 10-19.
The remainder of this section on MSSQL monitors describes prerequisite
tasks, the default monitor settings, and troubleshooting tips.
Before using an MSSQL-type monitor, you must download a set of JDBC
Java™ Archive (JAR) files and install them on the Global Traffic Manager
system.
The Send String setting is optional and specifies a SQL query statement
that the Global Traffic Manager should send to the server. Examples are
SELECT * FROM sales and SELECT FirstName, LastName From
Employees. If you configure the Send String setting, you can also configure
the following settings:
◆ Receive String
The Receive String setting is an optional parameter that specifies the
value expected to be returned for the row and column specified with the
Receive Row and Receive Column settings. An example of a Receive
String value is ALAN SMITH. You can only configure this setting
when you configure the Send String setting.
◆ Receive Row
The Receive Row setting is optional, and is useful only if the Receive
String setting is specified. This setting specifies the row in the returned
table that contains the Receive String value. You can only configure this
setting when you configure the Send String setting.
◆ Receive Column
The Receive Column setting is optional and is useful only if the Receive
String setting is specified. This setting specifies the column in the
returned table that contains the Receive String value. You can only
configure this setting when you configure the Send String setting.
You can register servers by entering the machine name, user name, and
password. If these names are correct, the server becomes registered and
you are then able to click an icon for the server. When you expand the
subtree for the server, there is an icon for login accounts.
Beneath this subtree, you can find the SQL logins. Here, you can change
passwords or add new logins by right-clicking the Logins icon. Click this
icon to access the Add login option. After you open this option, type the
user name and password for the new login, as well as which databases
the login is allowed to access. You must grant the test account access to
the database you specify in the EAV configuration.
NNTP
You use an NNTP type of monitor to check the status of Usenet News
traffic. The check is successful if the monitor retrieves a newsgroup
identification line from the server. An NNTP monitor requires a newsgroup
name (for example, alt.cars.mercedes) and, if necessary, a user name and
password.
The following list shows the settings and default values of an NNTP-type
monitor:
• Name: my_nntp
• Type: NNTP
• Interval: 30 seconds
• Timeout: 120 seconds
• User Name: "" (empty)
• Password: "" (empty)
• Newsgroup: "" (empty)
• Alias Addresses: * All Addresses
• Alias Service Port: * All Ports
• Debug: No
Oracle
With an Oracle type of monitor, you can check the status of an Oracle
database server. The check is successful if the monitor is able to connect to
the server, log in as the indicated user, and log out.
The following list shows the settings and default values of an Oracle-type
monitor:
• Name: my_oracle
• Type: Oracle
• Interval: 30 seconds
• Timeout: 91 seconds
• Send String: "" (empty)
• Receive String: "" (empty)
• User Name: "" (empty)
• Password: "" (empty)
• Database: "" (empty)
• Receive Row: "" (empty)
• Receive Column: "" (empty)
• Alias Addresses: * All Addresses
• Alias Service Port: * All Ports
• Debug: No
The Send String setting specifies a SQL statement that the Global Traffic
Manager system should send to the Oracle server. An example is SELECT
* FROM sales.
The Receive String setting is an optional parameter that specifies the value
expected to be returned for a specific row and column of the table that the
Send String setting retrieved. An example of a Receive String value is
SMITH.
In an Oracle type of monitor, the Database setting specifies the name of the
data source on the Oracle server. Examples are sales and hr.
The Receive Row setting is optional, and is useful only if the Receive
String setting is specified. This setting specifies the row in the returned
table that contains the Receive String value.
The Receive Column setting is optional and is useful only if the Receive
String setting is specified. This setting specifies the column in the returned
table that contains the Receive String value.
POP3
A POP3 type of monitor checks the status of Post Office Protocol (POP)
traffic. The check is successful if the monitor is able to connect to the server,
log in as the indicated user, and log out. A POP3 monitor requires a user
name and password.
The following list shows the settings and default values of a POP3-type
monitor:
• Name: my_pop3
• Type: POP3
• Interval: 30 seconds
• Timeout: 120 seconds
• User Name: "" (empty)
• Password: "" (empty)
• Alias Addresses: * All Addresses
• Alias Service Port: * All Ports
• Debug: No
RADIUS
Using a RADIUS type of monitor, you can check the status of Remote
Access Dial-in User Service (RADIUS) servers. The check is successful if
the server authenticates the requesting user. A RADIUS monitor requires a
user name, a password, and a shared secret string for the code number.
Note
The following list shows the settings and default values of a RADIUS-type
monitor:
• Name: my_radius
• Type: RADIUS
• Interval: 10 seconds
• Timeout: 31 seconds
• User Name: "" (empty)
• Password: "" (empty)
• Secret: "" (empty)
• Alias Addresses: * All Addresses
• Alias Service Port: * All Ports
• Debug: No
Real Server
A Real Server type of monitor checks the performance of a pool or virtual
server that is running the RealSystem Server data collection agent. The
monitor then dynamically load balances traffic accordingly. Performance
monitors are generally used with dynamic ratio load balancing. For more
information on performance monitors and dynamic ratio load balancing, see
Chapter 7, Load Balancing with the Global Traffic Manager.
Note
Note
When creating a custom Real Server monitor, you cannot modify the values
of the Method, Command, and Agent settings.
Table 10.2 shows the complete set of server-specific metrics and metric
setting default values that apply to the GetServerStats command.
Metric            Default Coefficient   Default Threshold
CPUPercentUsage   1.0                   80
The metric coefficient is a factor determining how heavily the metric’s value
counts in the overall ratio weight calculation. The metric threshold is the
highest value allowed for the metric if the metric is to have any weight at all.
To understand how to use these values, it is necessary to understand how the
overall ratio weight is calculated. The overall ratio weight is the sum of
relative weights calculated for each metric. The relative weights, in turn, are
based on three factors:
• The value for the metric returned by the monitor
• The coefficient value
• The threshold value
Scripted
You use the Scripted type of monitor to generate a simple script that reads a
file that you create. The file contains send and expect strings to specify lines
that you want to send or that you expect to receive. For example, Figure
10.1 shows a sample file that you could create, which specifies a simple
SMTP sequence. Note that the lines of the file are always read in the
sequence specified.
expect 220
send "HELO bigip1.siterequest.com\r\n"
expect "250"
send "quit\r\n"
Using a Scripted monitor, you can then generate a script that acts on the
above file. When the Scripted monitor script reads this file, the script
examines each line, and if the line has no quotation marks, the line is sent or
expected as is. If the line is surrounded by quotation marks, the script strips
off the quotation marks, and examines the line for escape characters, treating
them accordingly.
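The quoting rule described above, as an added Python sketch (not F5's monitor script): it parses a send/expect file, strips quotation marks and handles escapes, then dry-runs the steps against constructed server replies so that a malformed line, such as a missing closing quotation mark, is caught before the file is stored. The escape set, the substring matching for expect lines, and the names `parse_script` and `dry_run` are assumptions of this example.

```python
# Escapes honoured inside quoted arguments. The manual says only that escape
# characters are treated "accordingly"; this particular set is an assumption.
ESCAPES = {"r": "\r", "n": "\n", "t": "\t", "\\": "\\", '"': '"'}


class ScriptError(ValueError):
    """A line in the send/expect file that cannot be interpreted."""


def decode_argument(arg, lineno):
    """Unquoted arguments are literal; quoted ones are stripped and unescaped."""
    if '"' not in arg:
        return arg
    if len(arg) < 2 or not (arg.startswith('"') and arg.endswith('"')):
        raise ScriptError(f"line {lineno}: unbalanced quotation marks")
    body, out, i = arg[1:-1], [], 0
    while i < len(body):
        ch = body[i]
        if ch == '"':
            raise ScriptError(f"line {lineno}: unescaped quotation mark inside string")
        if ch == "\\":
            nxt = body[i + 1] if i + 1 < len(body) else ""
            if nxt not in ESCAPES:
                raise ScriptError(f"line {lineno}: unsupported escape \\{nxt}")
            out.append(ESCAPES[nxt])
            i += 2
        else:
            out.append(ch)
            i += 1
    return "".join(out)


def parse_script(text):
    """Return [(verb, value), ...] in file order; lines are never reordered."""
    steps = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        parts = line.split(None, 1)
        if len(parts) != 2 or parts[0] not in ("send", "expect"):
            raise ScriptError(f"line {lineno}: expected 'send <text>' or 'expect <text>'")
        steps.append((parts[0], decode_argument(parts[1], lineno)))
    return steps


def dry_run(steps, server_replies):
    """Replay the steps against canned replies; return (passed, data to be sent)."""
    replies, sent = iter(server_replies), []
    for verb, value in steps:
        if verb == "send":
            sent.append(value)
        elif value not in next(replies, ""):    # substring match is an assumption
            return False, sent
    return True, sent


# Constructed sample: a simple SMTP sequence in the send/expect file format.
SAMPLE = r'''expect 220
send "HELO bigip1.siterequest.com\r\n"
expect "250"
send "quit\r\n"
'''

# Constructed server replies, one per expect line.
REPLIES = ["220 mail.example.test ESMTP ready\r\n", "250 mail.example.test\r\n"]

if __name__ == "__main__":
    passed, sent = dry_run(parse_script(SAMPLE), REPLIES)
    print("monitor would report:", "up" if passed else "down")
    for data in sent:
        print("would send:", repr(data))
```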
The following list shows the settings and default values of a Scripted-type
monitor:
• Name: scripted
• Type: Scripted
• Interval: 10 seconds
• Timeout: 31 seconds
• File name: "" (empty)
• Alias Addresses: * All Addresses
• Alias Service Port: * All Ports
• Debug: No
Note
When you create a file containing send and expect strings, store the file in
the directory /config/eav.
SIP
You use a SIP type of monitor to check the status of SIP Call-ID services.
This monitor type uses UDP to issue a request to a server device. The
request is designed to identify the options that the server device supports. If
the proper request is returned, the device is considered to be up and
responding to commands.
The following list shows the settings and default values of a SIP-type
monitor:
• Name: my_sip
• Type: SIP
• Interval: 30 seconds
• Timeout: 120 seconds
• Mode: UDP
• Additional Accepted Status Codes: None
• Status Code List: "" (empty)
• Alias Addresses: * All Addresses
• Alias Service Port: * All Ports
• Debug: No
Possible values for the Mode setting are TCP and UDP.
Possible values for the Additional Accepted Status Codes setting are Any,
None, and Status Code List. The Status Code List setting specifies one or
more status codes, in addition to status code 200, that are acceptable in order
to indicate an up status. Multiple status codes should be separated by
spaces. Specifying an asterisk (*) indicates that all status codes are
acceptable.
SMTP
An SMTP type of monitor checks the status of Simple Mail Transport
Protocol (SMTP) servers. This monitor type is an extremely basic monitor
that checks only that the server is up and responding to commands. The
check is successful if the mail server responds to the standard SMTP HELO
and QUIT commands. An SMTP-type monitor requires a domain name.
The following list shows the settings and default values of an SMTP-type
monitor:
• Name: my_smtp
• Type: SIP
• Interval: 30 seconds
• Timeout: 120 seconds
• Domain: "" (empty)
• Alias Addresses: * All Addresses
• Alias Service Port: * All Ports
• Debug: No
SNMP
With an SNMP type of monitor, you can check the performance of a server
running an SNMP agent such as UC Davis, for the purpose of load
balancing traffic to that server. This monitor conducts an SNMP query for a
specific number of times, counting the number of times the query is
successful. If the number of successful queries matches the number that you
set when configuring the monitor, the Global Traffic Manager considers the
resource available.
Performance monitors are generally used with dynamic ratio load balancing.
For more information on performance monitors and dynamic ratio load
balancing, see Chapter 7, Load Balancing with the Global Traffic Manager.
Note
SNMP Link
You use an SNMP Link type of monitor to check the performance of links
that are running an SNMP agent.
The Global Traffic Manager system provides a pre-configured SNMP
monitor named snmp_link. The following list shows the settings and values
of the snmp_link pre-configured monitor:
• Name: snmp_link
• Type: SNMP Link
• Interval: 10 seconds
• Timeout: 30 seconds
• Probe Interval: 1 second
• Probe Timeout: 1 second
• Probe Attempts: 1
• Minimum Required Successful Attempts: 1
• Alias Addresses: * All Addresses
• Alias Service Port: * All Ports
Performance monitors are generally used with dynamic ratio load balancing.
For more information on performance monitors and dynamic ratio load
balancing, see Chapter 7, Load Balancing with the Global Traffic Manager.
Note
SOAP
A SOAP monitor tests a Web service based on the Simple Object Access
Protocol (SOAP). More specifically, the monitor submits a request to a
SOAP-based Web service, and optionally, verifies a return value or fault.
The following list shows the settings and default values of a SOAP-type
monitor:
• Name: my_soap
• Type: SOAP
• Interval: 30 seconds
• Timeout: 120 seconds
• User Name: "" (empty)
• Password: "" (empty)
• Protocol: HTTP
Possible values for the Protocol setting are HTTP and HTTPS.
Possible values for the Parameter Type setting are: bool, int, long, and
string.
Possible values for the Return Type setting are: bool, int, short, long,
float, double, and string.
Possible values for the Expect Fault setting are No and Yes.
UDP
You use a UDP type of monitor when the system is sending User Datagram
Protocol (UDP) packets. Designed to check the status of a UDP service, a
UDP-type monitor sends one or more UDP packets to a target pool, pool
member, or virtual server.
The following list shows the settings and default values of a UDP-type
monitor.
• Name: my_udp
• Type: UDP
• Interval: 30 seconds
• Timeout: 120 seconds
• Send String: default send string
• Send Packets: 2
• Timeout Packets: 2
• Alias Addresses: * All Addresses
• Alias Service Port: * All Ports
As shown in this list, the value in seconds of the Timeout Packets setting
should be lower than the value of the Interval setting.
If a UDP monitor      And another monitor    Then the UDP
reports status as     reports status as      service is
up                    up                     up
up                    down                   down
down                  up                     down
WAP
You use a WAP monitor to monitor Wireless Application Protocol (WAP)
servers. The common usage for the WAP monitor is to specify the Send
String and Receive String settings only. The WAP monitor functions by
requesting a URL (the Send String setting) and finding the string in the
Receive String setting somewhere in the data returned by the URL
response. The following list shows the settings and default values of a
WAP-type monitor:
• Name: my_wap
• Type: WAP
• Interval: 10 seconds
• Timeout: 31 seconds
• Send String: "" (empty)
• Receive String: "" (empty)
• Secret: "" (empty)
• Accounting Node: "" (empty)
• Accounting Port: "" (empty)
• Server ID: "" (empty)
• Call ID: "" (empty)
• Session ID: "" (empty)
• Framed Address: "" (empty)
• Alias Addresses: * All Addresses
• Alias Service Port: * All Ports
• Debug: No
The Secret setting is the RADIUS secret, a string known to both the client
and the RADIUS server, and is used in computing the MD5 hash.
The Accounting Node setting specifies the RADIUS resource. If this is a null
string and RADIUS accounting has been requested (accounting port is
non-zero), then the WAP server resource is assumed to also be the RADIUS
resource.
If set to non-zero, the Accounting Port setting requests RADIUS
accounting and uses the specified port.
The Server ID setting specifies the RADIUS NAS-ID of the requesting
server (that is, the BIG-IP system). It is a string used as an alias for the
FQDN. See the section on testing WAP_monitor just below.
The Call ID setting is an identifier similar to a telephone number, that is, a
string of numeric characters. For testing purposes, this value is usually a
string of eleven characters.
The Session ID setting is a RADIUS session ID, used to identify this
session. This is an arbitrary numeric character string, often something like
01234567.
The Framed Address setting is a RADIUS framed IP address. The setting
has no special use and is usually specified simply as 1.1.1.1.
RADIUS accounting is optional. To implement RADIUS accounting, you
must set the accounting port to a non-zero value. If you set the Accounting
Port setting to a non-zero value, then the monitor assumes that RADIUS
accounting is needed, and an accounting request is sent to the specified
accounting node and port to start accounting. This is done before the URL is
requested. After the successful retrieval of the URL with the correct data, an
accounting request is sent to stop accounting.
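The start and stop accounting requests described above, and the role of the Secret setting in the MD5 hash, shown as an added Python example (not F5 code): it builds RADIUS Accounting-Request packets as defined in RFC 2866 and verifies their Request Authenticator. How the WAP monitor maps its settings onto RADIUS attributes is not stated in this manual; the mapping used here (Server ID to NAS-Identifier, Call ID to Calling-Station-Id, Session ID to Acct-Session-Id, Framed Address to Framed-IP-Address) and all sample values are assumptions.

```python
import hashlib
import hmac
import socket

ACCOUNTING_REQUEST = 4            # RADIUS packet code (RFC 2866)
START, STOP = 1, 2                # Acct-Status-Type values
# Attribute type numbers from RFC 2865 and RFC 2866.
FRAMED_IP, CALLING_STATION, NAS_ID, ACCT_STATUS, ACCT_SESSION = 8, 31, 32, 40, 44


def attr(kind, value):
    """Encode one attribute as type, length, value."""
    return bytes([kind, len(value) + 2]) + value


def accounting_request(ident, status, secret, server_id, call_id, session_id, framed):
    """Build an Accounting-Request whose authenticator is keyed by the secret."""
    attrs = (attr(ACCT_STATUS, status.to_bytes(4, "big"))
             + attr(NAS_ID, server_id.encode("ascii"))
             + attr(CALLING_STATION, call_id.encode("ascii"))
             + attr(ACCT_SESSION, session_id.encode("ascii"))
             + attr(FRAMED_IP, socket.inet_aton(framed)))
    header = bytes([ACCOUNTING_REQUEST, ident]) + (20 + len(attrs)).to_bytes(2, "big")
    # Request Authenticator = MD5(code + id + length + 16 zero octets + attrs + secret)
    auth = hashlib.md5(header + bytes(16) + attrs + secret).digest()
    return header + auth + attrs


def authenticator_ok(packet, secret):
    """Server-side check: recompute the MD5 with the locally configured secret."""
    if len(packet) < 20 or int.from_bytes(packet[2:4], "big") != len(packet):
        return False
    expected = hashlib.md5(packet[:4] + bytes(16) + packet[20:] + secret).digest()
    return hmac.compare_digest(expected, packet[4:20])


def attributes(packet):
    """Yield (type, value) pairs from the attribute section of a packet."""
    pos = 20
    while pos + 2 <= len(packet):
        kind, size = packet[pos], packet[pos + 1]
        if size < 2 or pos + size > len(packet):
            raise ValueError("malformed attribute")
        yield kind, packet[pos + 2:pos + size]
        pos += size


def acct_status(packet):
    """Return the Acct-Status-Type value (1 = start, 2 = stop), or None."""
    for kind, value in attributes(packet):
        if kind == ACCT_STATUS:
            return int.from_bytes(value, "big")
    return None


# Constructed sample settings; none of these values come from a real deployment.
SECRET = b"constructed-shared-secret"
SETTINGS = dict(server_id="bigip1", call_id="15551230000",
                session_id="01234567", framed="1.1.1.1")

if __name__ == "__main__":
    start = accounting_request(1, START, SECRET, **SETTINGS)   # before the URL request
    stop = accounting_request(2, STOP, SECRET, **SETTINGS)     # after a good retrieval
    for name, packet in (("start", start), ("stop", stop)):
        print(name, len(packet), "bytes, authenticator valid:",
              authenticator_ok(packet, SECRET))
    print("wrong secret accepted:", authenticator_ok(start, b"other-secret"))
```

The authenticator depends only on the packet contents and the shared secret, so the Secret setting must match the RADIUS server's configuration exactly and should be a long random value.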
WMI
A WMI type of monitor checks the performance of a pool or virtual server
that is running the Windows Management Infrastructure (WMI) data
collection agent and then dynamically load balances traffic accordingly.
You generally use performance monitors such as a WMI monitor with
dynamic ratio load balancing. For more information on performance
monitors and dynamic ratio load balancing, see Chapter 7, Load Balancing
with the Global Traffic Manager.
Note
The following list shows the settings and default values of a WMI-type
monitor:
• Name: my_wmi
• Type: WMI
• Interval: 30 seconds
• Timeout: 120 seconds
• User Name: "" (empty)
• Password: "" (empty)
• Method: POST
• URL: /scripts/F5lsapi.dll
• Command: GetCPUInfo, GetDiskInfo, GetOSInfo
• Metrics: LoadPercentage, DiskUsage, PhsyicalMemoryUsage
• Agent: Mozilla/4.0 (compatible: MSIE 5.0; Windows NT)
• Post: RespFormat=HTML
• Debug: No
Note that when creating a custom WMI monitor, the only default values that
you are required to change are the null values for user name and password.
Also note that you cannot change the value of the Method setting.
Table 10.4 shows the complete set of commands and metrics that you can
specify with the Command and Metrics settings. Also shown are the
default metric values.
[Table 10.4 columns: Command, Metric, Default Coefficient, Default Threshold]
Setting destinations
By default, the value for the Alias Address setting for most monitors is set
to the wildcard * All Addresses, and the Alias Service Port setting is set to
the wildcard * All Ports (exceptions to this rule are the WMI and Real Server
monitors). This value causes the monitor instance created for a pool or
virtual server to take that resource’s address or address and port as its
destination. You can, however, replace either or both wildcard symbols with
an explicit destination value, by creating a custom monitor. An explicit
value for the Alias Address and/or Alias Service Port setting is used to
force the instance destination to a specific address and/or port which may
not be that of the pool or virtual server.
The ECV monitors http, https, and tcp have the settings Send String and
Receive String for the send string and receive expression, respectively.
The most common Send String value is GET /, which retrieves a default
HTML page for a web site. To retrieve a specific page from a web site, you
can enter a Send String value that is a fully qualified path name:
"GET /www/support/customer_info_form.html"
The Receive String expression is the text string the monitor looks for in the
returned resource. The most common Receive String expressions contain a
text string that is included in a particular HTML page on your site. The text
string can be regular text, HTML tags, or image names.
The sample Receive expression below searches for a standard HTML tag:
"<HEAD>"
You can also use the default null Receive String value [""]. In this case,
any content retrieved is considered a match. If both the Send String and
Receive String are left empty, only a simple connection check is performed.
For HTTP monitors, you can use the special settings get or hurl in place of
Send String and Receive String statements, respectively.
◆ Transparent setting
Sometimes it is necessary to ping the aliased destination through a
transparent pool or virtual server. When you create a custom monitor and
set the Transparent setting to Yes, the Global Traffic Manager forces
the monitor to ping through the pool or virtual server with which it is
associated (usually a firewall) to the pool or virtual server. (In other
words, if there are two firewalls in a load balancing pool, the destination
pool or virtual server is always pinged through the pool or virtual server
specified and not through the pool or virtual server selected by the load
balancing method.) In this way, the transparent pool or virtual server is
tested: if there is no response, the transparent pool or virtual server is
marked as down.
Common examples are checking a router, or checking a mail or FTP
server through a firewall. For example, you might want to check the
router address 10.10.10.53:80 through a transparent firewall
10.10.10.101:80. To do this, you create a monitor called http_trans in
which you specify 10.10.10.53:80 as the monitor destination address,
and set the Transparent setting to Yes. Then you associate the monitor
http_trans with the transparent firewall (10.10.10.101:80).
This causes the monitor to check the address 10.10.10.53:80 through
10.10.10.101:80. (In other words, the Global Traffic Manager routes the
check of 10.10.10.53:80 through 10.10.10.101:80.) If the correct
response is not received from 10.10.10.53:80, then 10.10.10.101:80 is
marked down. For more information on associating monitors with virtual
servers, see Associating monitors with resources, on page 10-37.
◆ Reverse setting
In most monitor settings, the Global Traffic Manager considers the
resource available when the monitor successfully probes it. However, in
some cases you may want the resource to be considered unavailable after
a successful monitor test. You accomplish this configuration with the
Reverse setting. With the Reverse setting set to Yes, the monitor marks
the pool or virtual server down when the test is successful. For example,
if the content on your web site home page is dynamic and changes
frequently, you may want to set up a reverse ECV service check that
looks for the string: Error. A match for this string means that the web
server was down.
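The Send String and Receive String check and the Reverse setting described above, as an added Python sketch (not F5's monitor implementation): it runs one ECV-style probe over a connected socket and shows how an empty Receive String, an empty pair of strings, and Reverse = Yes change the result. The stand-in server, the handling of I/O errors, the bytes appended to the send string, and the names `ecv_probe` and `fake_server` are assumptions of this example.

```python
import socket
import threading


def read_all(sock):
    """Collect everything the peer sends until it closes the connection."""
    chunks = []
    while True:
        chunk = sock.recv(4096)
        if not chunk:
            return b"".join(chunks)
        chunks.append(chunk)


def ecv_probe(sock, send_string="", receive_string="", reverse=False, timeout=2.0):
    """Return 'up' or 'down' for one ECV-style check over a connected socket."""
    sock.settimeout(timeout)
    try:
        if not send_string and not receive_string:
            test_passed = True                      # simple connection check only
        else:
            if send_string:
                sock.sendall(send_string.encode("ascii") + b"\r\n\r\n")
            data = read_all(sock)
            if receive_string == "":
                test_passed = len(data) > 0         # any retrieved content matches
            else:
                test_passed = receive_string.encode("ascii") in data
    except OSError:
        return "down"                               # assumption: I/O failure is down
    finally:
        sock.close()
    # Reverse = Yes turns a successful test into a down mark.
    return "down" if test_passed == reverse else "up"


def fake_server(page):
    """Constructed stand-in for a web server: answers one request with `page`."""
    client, server = socket.socketpair()

    def serve():
        try:
            server.settimeout(0.5)
            try:
                server.recv(4096)                   # the monitor's send string
            except socket.timeout:
                pass
            server.sendall(b"HTTP/1.0 200 OK\r\n\r\n" + page)
        except OSError:
            pass                                    # the prober already hung up
        finally:
            server.close()

    threading.Thread(target=serve, daemon=True).start()
    return client


# Constructed pages for the demonstration.
HOME_PAGE = b"<HTML><HEAD><TITLE>Welcome</TITLE></HEAD></HTML>"
ERROR_PAGE = b"<HTML><BODY>Error: database unavailable</BODY></HTML>"

if __name__ == "__main__":
    print("normal check for <HEAD>:", ecv_probe(fake_server(HOME_PAGE), "GET /", "<HEAD>"))
    print("reverse check, page has Error:",
          ecv_probe(fake_server(ERROR_PAGE), "GET /", "Error", reverse=True))
    print("reverse check, page is healthy:",
          ecv_probe(fake_server(HOME_PAGE), "GET /", "Error", reverse=True))
```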
Figure 10.5 shows the monitors that contain the Transparent setting, the
Reverse setting, or both.
[Figure 10.5: only the fragments "Reverse" and "ICMP Transparent" survive.]
Managing monitors
The procedures for adding and removing monitors are specific to the
resource. See Chapter 5, Defining the Physical Network, and Chapter 6,
Defining the Logical Network for information on adding and removing
monitors from a resource.
In addition to adding and removing monitors from network resources, you
can interact with monitors in the following ways:
• Displaying monitor settings
• Deleting monitors
• Enabling and disabling monitor instances
To display a monitor
1. On the Main tab of the navigation pane, expand Global Traffic and
then click Monitors.
The main monitors screen opens.
2. Click a monitor name.
The properties screen of the monitor opens.
Deleting monitors
In the event that your configuration of the Global Traffic Manager no longer
requires a specific monitor, you can delete the monitor. You cannot delete a
monitor that has one or more instances assigned to resources on your
network. See Chapter 5, Defining the Physical Network, and Chapter 6,
Defining the Logical Network for information on adding and removing
monitors from a resource.
To delete a monitor
1. On the Main tab of the navigation pane, expand Global Traffic and
then click Monitors.
The main monitors screen opens.
2. Check the Select box for the monitor that you want to delete.
3. Click the Delete button.
A confirmation message opens.
4. Click the Delete button to delete the monitor.
11
Viewing Statistics
• Introducing statistics
• Accessing statistics
Introducing statistics
One of the most important aspects of managing a network is timely access to
accurate information on network performance. This information can verify
that the Global Traffic Manager is handling your name resolution requests
as efficiently as possible, as well as provide data on the overall performance
of a specific resource, such as a data center or distributed application.
The Global Traffic Manager gathers statistical data on multiple aspects of
your network. You access these statistics through the statistics screen. The
types of statistics you can select from this screen include:
• A summary of network components, as defined in the Global Traffic
Manager
• Distributed applications
• Wide IPs
• Pools
• Data centers
• Links
• Servers
• Virtual servers
• iRules
• Paths
• Local DNS
Accessing statistics
You can access Global Traffic Manager statistics in two ways:
• Through the Statistics option on the Main tab of the navigation pane
• Through the Statistics menu from various main screens for different
components
Both methods bring you to the same screen within the Global Traffic
Manager. When you access statistics through a menu on the main screen for
a given network component, the Statistics screen is pre-configured for the
given network element, although you can switch to a different set of
statistics at any time.
4. From the Auto Refresh list, select the frequency at which the
Global Traffic Manager refreshes data on the screen.
If you select Disabled from this list, the system does not refresh the
screen; instead, you can click the Refresh button to update the
screen with the latest statistical data.
Each value within the Total, Available, Unavailable, Offline, and Unknown
columns is a link. When you click the link, you access the main screen for
that resource, with the list of resources filtered to show only those resources
with the corresponding status. For example, if the Available column for data
centers has a value of 5, clicking the 5 brings up a filtered main screen for
data centers that shows only the five data centers that are available.
Wide IP statistics
The Global Traffic Manager captures several statistics related to the
performance of a wide IP. These statistics primarily focus on how many
resolution requests have been sent for the wide IP, and how the Global
Traffic Manager has load balanced these requests. You can access the wide
IP statistics by selecting Wide IPs from the Statistics Type list in the
Statistics screen. For information on accessing the Statistics screen, see
Accessing statistics, on page 11-2.
As an example of wide IP statistics, consider the fictional company
SiteRequest. The IT department at SiteRequest has a wide IP,
www.siterequest.com, which uses the Global Availability load balancing
mode. This mode sends all name resolution requests for this wide IP to a
specific pool until that pool is unavailable. Because the wide IP,
www.siterequest.com, is critical to SiteRequest’s operations, the IT
department wants to track traffic to the wide IP and ensure that the primary
pool is not at risk of getting overloaded. The wide IP statistics provide the
IT department the information they need to see how many requests are being
sent for the wide IP, allowing them to plan additional resource allocations
more effectively.
The wide IP statistics screen consists of a Wide IP Statistics table. This table
contains the following information:
◆ Status
The Status column indicates the current status of the wide IP. The
available status types are: Available, Unavailable, Offline, and
Unknown. Each status type is represented by a symbol; for example, the
available status type is represented by a green circle.
◆ Wide IP
The Wide IP column displays the name of a wide IP for which the Global
Traffic Manager is responsible. Each name appears as a link. When you
click the link, the properties screen for the wide IP opens.
◆ Pools
The Pools column provides a link that opens a pool details screen for the
wide IP. This screen displays load balancing statistics for each pool
within the wide IP. You can return to the main wide IP statistics screen
by clicking the Back button in the Display Options area of the screen.
◆ Requests
The Requests column displays the cumulative number of DNS requests
sent to the wide IP.
◆ Requests Persisted
The Requests Persisted column displays the cumulative number of
requests that persisted. Persisted requests use the same pool during a
connection session.
◆ Load Balancing
The Load Balancing column provides information on how the Global
Traffic Manager load balanced connection requests to this resource. This
column consists of four subcolumns:
Pool statistics
The Pool statistics available through the Global Traffic Manager focus on
how the Global Traffic Manager has load balanced name resolution
requests. You can access the pool statistics by selecting Pools from the
Statistics Type list in the Statistics screen. For information on accessing the
Statistics screen, see Accessing statistics, on page 11-2.
As an example of pool statistics, consider the fictional company
SiteRequest. The IT department at SiteRequest has a wide IP,
www.siterequest.com, which contains pools that use the dynamic load
balancing mode, Quality of Service. This mode acquires statistical data on
response times between the Global Traffic Manager and a Local DNS server
sending a name resolution request. There has been some concern of late as
to how well this new load balancing mode is working and if the Global
Traffic Manager is able to gather the statistical information it needs to load
balance with this mode, or if it has to resort to an alternate or fallback
method. By using the pool statistics screen, the IT department can track how
many name resolution requests are load balanced using the preferred Quality
of Service method, and how many are load balanced using another method.
The pool statistics screen consists of a Pool Statistics table. This table
contains the following information:
◆ Status
The Status column indicates the current status of the pool. The available
status types are: Available, Unavailable, Offline, and Unknown. Each
status type is represented by a symbol; for example, the available status
type is represented by a green circle.
◆ Pool
The Pool column displays the name of a wide IP for which the Global
Traffic Manager is responsible. Each name appears as a link. When you
click the link, the properties screen for the pool opens.
◆ Members
The Members column provides a link that opens a virtual server details
screen for the pool. This screen displays connection statistics for each
virtual server within the pool, including the number of times the virtual
server was selected for a name resolution request and the amount of
traffic flowing from and to the virtual server. You can return to the main
wide IP statistics screen by clicking the Back button in the Display
Options area of the screen.
◆ Load Balancing
The Load Balancing column provides information on how the Global
Traffic Manager load balanced connection requests to this resource. This
column consists of four subcolumns:
As an example of how the statistics for data centers can help you manage
your network resources, consider the fictional company SiteRequest.
SiteRequest has decided that its New York data center should handle all
name resolution requests originating in North America. However, a new
marketing campaign has started in the United States, and the IT department
is concerned it might overload the data center. By using the data center
statistics, the IT department can track the overall amount of traffic that the
New York data center is handling, allowing them to make adjustments to
their load balancing methods in a timely manner.
The data center statistics screen consists of a Data Center Statistics table.
This table contains the following information:
◆ Status
The Status column indicates the current status of the data center. The
available status types are: Available, Unavailable, Offline, and
Unknown. Each status type is represented by a symbol; for example, the
available status type is represented by a green circle.
◆ Data Center
The Data Center column displays the name of a data center. Each name
appears as a link. When you click the link, the properties screen for the
data center opens.
◆ Servers
The Servers column provides a link that opens a server details screen for
the data center. This screen displays connection statistics for each server
at a data center, including the number of times the server was selected for
a name resolution request and the amount of traffic flowing from and to
the server. You can return to the main data center statistics screen by
clicking the Back button in the Display Options area of the screen.
◆ Connections
The Connections column displays the cumulative number of requests that
the Global Traffic Manager resolved using a resource from the
corresponding data center.
◆ Throughput (bits/sec)
The Throughput (bits/sec) column contains two subcolumns:
• The In column displays the cumulative number of bits per second sent
to the data center.
• The Out column displays the cumulative number of bits per second
sent from the data center.
◆ Throughput (packets/sec)
The Throughput (packets/sec) column contains two subcolumns:
• The In column displays the cumulative number of packets per second
sent to the data center.
• The Out column displays the cumulative number of packets per
second sent from the data center.
Link statistics
Link statistics focus on how much traffic is flowing in and out through a
specific link to the Internet. This information can help you prevent a link
from getting over-used, saving your organization from higher bandwidth
costs. You can access the link statistics by selecting Links from the
Statistics Type list in the Statistics screen. For information on accessing the
Statistics screen, see Accessing statistics, on page 11-2.
As an example of how the statistics for data centers can help you manage
your network resources, consider the fictional company SiteRequest.
SiteRequest has two links with two different Internet Service Providers
(ISPs). The primary ISP is paid in advance for a specific amount of
bandwidth usage. This allows SiteRequest to save money, but if the
bandwidth exceeds the prepaid amount, the costs increase considerably. As
a result, the IT department uses a second ISP, which has a slower connection
but considerably lower costs. By using the links statistics, the IT department
can ensure that links to the Internet are used as efficiently as possible.
The link statistics screen consists of a Link Statistics table. This table
contains the following information:
◆ Status
The Status column indicates the current status of the link. The available
status types are: Available, Unavailable, Offline, and Unknown. Each
status type is represented by a symbol; for example, the available status
type is represented by a green circle.
◆ Link
The Link column displays the name of a link for which the Global
Traffic Manager is responsible. Each name appears as a link. When you
click the link, the properties screen for the link opens.
◆ Throughput (bits/sec)
The Throughput (bits/sec) column contains four subcolumns:
• The In column displays the cumulative number of bits per second sent
to the data center.
• The Out column displays the cumulative number of bits per second
sent from the data center.
• The Total column displays the cumulative number of both incoming
and outgoing bits per second for the link.
• The Over Prepaid column displays the amount of traffic, in bits per second,
that has exceeded the prepaid traffic allotment for the link.
In addition to viewing the link data as a table, you can also view it in a graph
format. To use this format, click the Graph button. A graph screen opens,
which shows the amount of traffic used over time. You can change the
amount of time shown in the graph by selecting a value from the Graph
Interval list, located in the Display Options area of the screen.
Server statistics
With Server statistics, you can analyze the amount of traffic flowing to and
from each server. This information can tell you if your resources are
distributed appropriately for your network. You can access the server
statistics by selecting Servers from the Statistics Type list in the Statistics
screen. For information on accessing the Statistics screen, see Accessing
statistics, on page 11-2.
As an example of how the statistics for servers can help you manage your
network resources, consider the fictional company SiteRequest. The IT
department at SiteRequest is considering whether it needs a few more
servers to better manage name resolution requests; however, there is some
debate as to whether the servers should be consolidated at the New York
data center (which the New York team would prefer) or spread out over all
of the data centers. It is also possible that an under-utilized server at one
data center might be moved to another data center. By using the server
statistics, the IT department can look at how much traffic is handled by each
server, giving them the information they need to decide where these new
servers, if any, should go.
The server statistics screen consists of a Server Statistics table. This table
contains the following information:
◆ Status
The Status column indicates the current status of the server. The
available status types are: Available, Unavailable, Offline, and
Unknown. Each status type is represented by a symbol; for example, the
available status type is represented by a green circle.
◆ Server
The Server column displays the name of a server for which the Global
Traffic Manager is responsible. Each name appears as a link. When you
click the link, the properties screen for the server opens.
◆ Virtual Servers
The Virtual Servers column provides a link that opens a virtual server
details screen for the server. This screen displays connection statistics for
each virtual server at a data center, including the number of times the
virtual server was selected for a name resolution request and the amount
of traffic flowing from and to the server. You can return to the main data
center statistics screen by clicking the Back button in the Display
Options area of the screen.
◆ Picks
The Picks column displays the cumulative number of times the Global
Traffic Manager picked a server to handle a name resolution request.
◆ Connections
The Connections column displays the cumulative number of requests that
the Global Traffic Manager resolved using a resource from the
corresponding data center.
◆ Throughput (bits/sec)
The Throughput (bits/sec) column contains two subcolumns:
• The In column displays the cumulative number of bits per second sent
to the server.
• The Out column displays the cumulative number of bits per second
sent from the server.
◆ Throughput (packets/sec)
The Throughput (packets/sec) column contains two subcolumns:
• The In column displays the cumulative number of packets per second
sent to the server.
• The Out column displays the cumulative number of packets per
second sent from the server.
a name resolution request and the amount of traffic flowing from and to
the server. You can return to the main data center statistics screen by
clicking the Back button in the Display Options area of the screen.
◆ Picks
The Picks column displays the cumulative number of times the Global
Traffic Manager picked a server to handle a name resolution request.
◆ Connections
The Connections column displays the cumulative number of requests that
the Global Traffic Manager resolved using a resource from the
corresponding data center.
◆ Throughput (bits/sec)
The Throughput (bits/sec) column contains two subcolumns:
• The In column displays the cumulative number of bits per second sent
to the server.
• The Out column displays the cumulative number of bits per second
sent from the server.
◆ Throughput (packets/sec)
The Throughput (packets/sec) column contains two subcolumns:
• The In column displays the cumulative number of packets per second
sent to the server.
• The Out column displays the cumulative number of packets per
second sent from the server.
Paths statistics
The paths statistics captured by the Global Traffic Manager provide
information on how quickly traffic moves between a Local DNS and a
resource for which the Global Traffic Manager is responsible. Information
presented in the paths statistics screen includes details on round trip times
(RTT), hops, and completion rates. You can access the paths statistics by
selecting Paths from the Statistics Type list in the Statistics screen. For
information on accessing the Statistics screen, see Accessing statistics, on
page 11-2.
Paths statistics are primarily used when you employ a dynamic load
balancing mode for a given wide IP or pool. You can use the information in
the Paths statistics to get an overall sense of how responsive your wide IPs
are in relation to the Local DNS servers that have been sending name
resolution requests to a wide IP.
The paths statistics screen consists of a paths statistics table. This table
contains the following information:
◆ Local DNS Address
The Local DNS Address column displays the IP address of each Local
DNS that has sent a name resolution request for a wide IP for which the
Global Traffic Manager is responsible.
◆ Link
The Link column displays the ISP link that the Global Traffic Manager
used to send and receive data from the Local DNS.
◆ Round Trip Time (RTT)
The Round Trip Time (RTT) column contains two subcolumns:
• The Current subcolumn displays the current round trip time between
the Local DNS and the Global Traffic Manager.
• The Average subcolumn displays the average round trip time between
the Local DNS and the Global Traffic Manager.
◆ Hops
The Hops column contains two subcolumns:
• The Current subcolumn displays the current number of hops between
the Local DNS and the Global Traffic Manager.
• The Average subcolumn displays the average number of hops
between the Local DNS and the Global Traffic Manager.
◆ Completion Rate
The Completion Rate column contains two subcolumns:
• The Current subcolumn displays the current completion rate of
transactions between the Local DNS and the Global Traffic Manager.
• The Average subcolumn displays the average completion rate of
transactions between the Local DNS and the Global Traffic Manager.
The local DNS statistics screen consists of a local DNS statistics table. This
table contains the following information:
◆ IP Address
The IP Address column displays the IP address of each Local DNS that
has sent a name resolution request for a wide IP for which the Global
Traffic Manager is responsible.
◆ Requests
The Requests column displays the number of times this Local DNS has
made a name resolution request that the Global Traffic Manager handled.
◆ Last Accessed
The Last Accessed column displays the last time the Local DNS
attempted a connection to the Global Traffic Manager.
◆ Location
The Location column contains four subcolumns:
• The Continent subcolumn displays the continent on which the Local
DNS resides.
• The Country subcolumn displays the country in which the Local DNS
is located.
• The State subcolumn displays the state in which the Local DNS is
located.
• The City subcolumn displays the city in which the Local DNS is
located.
12
Collecting Metrics
• Defining metrics
Defining metrics
When you decide to use the Global Traffic Manager to collect metrics on the
LDNS servers that attempt to access your network resources, you can define
the following characteristics:
• The types of metrics collected (either hops, paths, both, or disabled)
• The time-to-live (TTL) values for each metric
• The frequency at which the system updates the data
• The size of a packet sent (relevant for hop metrics only)
• The length of time that can pass before the system times out the
collection attempt
• The number of packets sent for each collection attempt
While each of these settings is important, the ones that perhaps require the
most planning beforehand are the TTL values. In general, the lower the TTL
value, the more often the Global Traffic Manager probes an LDNS. This
improves the accuracy of the data, but increases bandwidth usage.
Conversely, increasing the TTL value for a metric lowers the bandwidth
your network uses, but increases the chance that the Global Traffic Manager
is basing its load balancing operations on stale data.
An additional consideration is the number of LDNS servers that the Global
Traffic Manager queries. The more LDNS servers that the system queries,
the more bandwidth is required to ensure those queries are successful. As
you can see, setting the TTL values for metrics collection can require
incremental fine-tuning. We recommend that you periodically check the
TTL values that you set, and verify that they are appropriate for your
network.
To define metrics
1. On the Main tab of the navigation pane, expand System and then
click General Properties.
The General properties screen opens.
2. From the Global Traffic menu, choose Metrics Collection.
The metrics collection screen opens.
3. In the Configuration area, assign values to the different
metrics-related settings.
For detailed information on these settings, please see the online
help.
4. Click the Update button.
With these probes, it does not matter if the Global Traffic Manager receives
a valid response, such as the name of the LDNS, as queried by the
DNS_REV probe, or a request refused statement. The relevant information
is the metrics generated between the probe request and the response. For
example, the Global Traffic Manager uses the DNS_REV probe to query
two LDNS servers. The first LDNS responds to the probe with its name, as
per the request. The second LDNS, however, responds with a request
refused statement, because it is configured to not allow such requests. In
both cases, the probe was successful, because the Global Traffic Manager
was able to acquire data on how long it took for both LDNS servers to
respond to the probe.
You can configure the Global Traffic Manager to use a select number of
probes, or you can assign all five. The more probes that the Global Traffic
Manager uses, the more bandwidth is required.
To assign a probe
1. On the Main tab of the navigation pane, expand System and then
click General Properties.
The General screen opens.
2. From the Global Traffic menu, choose Metrics Collection.
The metrics collection screen opens.
3. In the Local DNS (LDNS) area, use the options provided in the
Metrics Collection Protocol option to assign the relevant probes.
4. In the Metrics Caching box, define the number of seconds for
which the Global Traffic Manager keeps the collected metrics data.
This value determines how often the system probes a given LDNS.
The default value is 3600 seconds, or one hour.
5. In the Inactive Local DNS TTL box, define the number of seconds
for which an LDNS can be inactive before the Global Traffic
Manager considers it inactive.
The Global Traffic Manager stops probing LDNS servers that are
considered inactive. The default value is 2419200, or 28 days.
6. Click the Update button to save your changes.
| Parameter | Description | Default |
|---|---|---|
| Hops TTL | Specifies the number of seconds that the Global Traffic Manager considers traceroute data to be valid. | 604800 (seven days) |
| Paths TTL | Specifies the number of seconds that the Global Traffic Manager uses path information for name resolution and load balancing. | 2400 |
| Inactive Path TTL | Specifies the number of seconds that a path remains in the cache after its last access. | 604800 (seven days) |
| Inactive Local DNS TTL | Specifies the number of seconds that a local DNS remains in the cache after its last access. | 2419200 (28 days) |
Each resource also has a timer value. A timer value defines the frequency
(measured in seconds) at which the Global Traffic Manager refreshes the
metrics information it collects. In most cases, the default values for the TTL
and timer parameters are adequate. However, if you make changes to any
TTL or timer value, keep in mind that an object’s TTL value must be greater
than its timer value.
Table 12.2 describes each timer value, as well as its default setting.
| Parameter | Description | Default |
|---|---|---|
| Hops data refresh | Specifies the frequency (in seconds) at which the Global Traffic Manager retrieves traceroute data (traceroutes between each data center and each local DNS). | 60 |
| Paths refresh | Specifies the frequency (in seconds) at which the Global Traffic Manager refreshes path information (for example, round trip time or ping packet completion rate). | 120 |
| Sync Time Tolerance | Specifies the number of seconds that one system’s time setting is allowed to be out of sync with another system’s time setting. Note: If you are using NTP to synchronize the time of the Global Traffic Manager with a time server, leave the time tolerance at the default value of 10. In the event that NTP fails, the Global Traffic Manager uses the time_tolerance variable to maintain synchronization. This setting is available in the General screen of the Global Traffic Manager’s general properties section. | 10 |
| Timer Sync State | Specifies the interval (in seconds) at which the Global Traffic Manager checks to see if it should change states (from Principal to Receiver or from Receiver to Principal). This setting is available in the General screen of the Global Traffic Manager’s general properties section. | 30 |
| Metrics Caching | Specifies the interval (in seconds) at which the Global Traffic Manager archives the paths and metrics data. This setting is available in the General screen of the Global Traffic Manager’s general properties section. | 3600 |
13
Managing iRules
• Creating iRules
• Assigning iRules
• Removing iRules
What is an iRule?
An iRule is a script that you write if you want individual connections to
target a pool other than the default pool defined for a virtual server. iRules
allow you to more directly specify the pools to which you want traffic to be
directed. Using iRules, you can send traffic not only to pools, but also to
individual pool members or hosts.
The iRules you create can be simple or sophisticated, depending on your
content-switching needs. Figure 13.1 shows an example of a simple iRule.
when DNS_REQUEST {
    if { [IP::addr [IP::client_addr] equals 10.10.10.10] } {
        pool my_pool
    }
}
This iRule is triggered when a DNS request has been detected, causing the
Global Traffic Manager to send the packet to the pool my_pool, if the IP
address of the local DNS making the request matches 10.10.10.10.
iRules can direct traffic not only to specific pools, but also to individual pool
members, including port numbers and URI paths, either to implement
persistence or to meet specific load balancing requirements.
The syntax that you use to write iRules is based on the Tool Command
Language (Tcl) programming standard. Thus, you can use many of the
standard Tcl commands, plus a set of extensions that the Global Traffic
Manager provides to help you further increase load balancing efficiency.
For information about standard Tcl syntax, see
http://tmml.sourceforge.net/doc/tcl/index.html.
Creating iRules
You create an iRule using the Configuration utility.
To create an iRule
1. On the Main tab of the navigation pane, expand Global Traffic and
click iRules.
The iRules screen opens.
2. Click the Create button.
3. In the Name box, type a 1- to 31-character name.
4. In the Definition box, type the syntax for your iRule.
5. If you want to expand the length of the Definition box, check
Extend Text Area. Also, if you want the contents of the iRule to
wrap within the box, check Wrap Text.
6. Click the Finished button to save your changes.
For detailed syntax information on writing iRules, see the remainder of this
chapter.
Assigning iRules
Within the Global Traffic Manager, you assign iRules to the wide IPs in
your network configuration. The system then applies the iRules to incoming
network traffic.
To assign an iRule
1. On the Main tab of the navigation pane, expand Global Traffic and
then click Wide IPs.
The main screen for wide IPs opens.
2. Click the name of the wide IP to which you want to assign an iRule.
The properties screen for the wide IP opens.
3. On the menu bar, click iRules.
The main iRules screen for the wide IP opens.
4. Click the Manage button.
The Manage iRules screen opens.
5. From the iRule list, select an appropriate iRule.
6. Click the Add button.
The new rule appears in the list of assigned iRules.
7. Click the Finished button to save your changes.
Specifying events
The iRules feature includes several types of event declarations that you can
make in an iRule. Specifying an event declaration determines when the
Global Traffic Manager evaluates the iRule. The following sections list and
describe these event types. Also described is the concept of iRule context
and the use of the when keyword.
Event types
The iRule command syntax includes several types of event declarations that
you can specify within an iRule. These event types are listed in table 13.1.
| Event | Description |
|---|---|
| LB_FAILED | Triggered when a connection to the server was unable to complete. This might occur if the pool has no available members or a selected pool member is otherwise not available. |
| Statement command | Description |
|---|---|
| discard | Causes the current packet or connection (depending on the context of the event) to be discarded. This statement must be conditionally associated with an if statement. |
| [use] host <string> | Causes the server host, as identified by a string, to be used directly, thus bypassing any load-balancing. |
| if { <expression> } { <statement_command> } elseif { <expression> } { <statement_command> } | Asks a true or false question and, depending on the answer, takes some action. Note that the maximum number of if statements that you can nest in an iRule is 100. |
| log [<facility>.<level>] <message> | Generates and logs the specified message to the Syslog facility. |
| [use] host <addr> [<port>] | Causes the server host, as identified by IP address and, optionally, port number, to be used directly, thus bypassing any load-balancing. |
| [use] pool <pool_name> [member <addr> [<port>]] | Causes the Global Traffic Manager to load balance traffic to the named pool. This statement must be conditionally associated with an if statement. Optionally, you can specify a specific pool member to which you want to direct the traffic. |
| reject | Causes the connection to be rejected, returning a reset as appropriate for the protocol. |
| ttl <value> | Overrides the default time-to-live value. If this command is used for a CNAME, the value overrides the default of 0. If this command is used for a pool, the value overrides the time-to-live value for that pool. |
| whereis <ip> [[country] [continent]] | Returns the geographic location of a specific IP address. If the keywords [country] or [continent] are not specified, this command returns all location data. |
| Command | Description |
|---|---|
| findstr | Finds a string within another string and returns the string starting at the offset specified from the match. |
| substr | Finds a string within another string and returns the string starting at the offset specified from the match. |
| findclass | Finds the member of a data group that contains the result of the specified expression, and returns that data group member or the portion following the separator, if a separator was provided. |
| host | Searches for a specific host name within the supplied <string>. |

| Command | Description |
|---|---|
| crc32 <string> | Returns the crc32 checksum for the provided string, or if an error occurs, an empty string. Used to ensure data integrity. |
| md5 <string> | Returns the RSA Data Security, Inc. MD5 Message Digest Algorithm (md5) message digest of the provided string, or if an error occurs, an empty string. Used to ensure data integrity. |
| Command | Description |
|---|---|
| active_members <pool name> | Returns the number of active members in the pool. |
| member_priority <pool name> member <ip> [<port>] | Returns the priority for pool member ip:port. |
| LB::server [<pool \| name \| address \| port>] | Returns the name of the server selected for a load balancing operation. |
| LB::status [<up \| down \| session enabled \| session disabled>] | Returns the status of the selected resource. |
| LB::status pool <name> member <address> [<port> <up \| down \| session enabled \| session disabled>] | Returns the status of the selected pool. |
| LB::status vs <ip> <port> [<up \| down \| session enabled \| session disabled>] | Returns the status of the selected virtual server. |
IP commands
The Global Traffic Manager supports the following IP commands.
| Command | Description |
|---|---|
| IP::remote_addr | Returns the IP address of the client for a given name resolution request. Equivalent to IP::client_addr. |
| IP::local_addr | Returns the IP address of the server for a given name resolution request. Equivalent to IP::server_addr. |
| IP::client_addr | Returns the IP address of the client for a given name resolution request. Equivalent to IP::remote_addr. |
| IP::server_addr | Returns the IP address of the server for a given name resolution request. Equivalent to IP::local_addr. |
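The following iRule is an added example, not part of the original manual. It combines commands listed above: it matches the requesting local DNS against a network range, checks active_members before selecting a pool, and logs both the fallback case and LB_FAILED events so that they can be reviewed in the system log. The pool name internal_pool and the 10.10.10.0/24 range are constructed for illustration, and the /24 mask form of IP::addr is assumed to be accepted by this version.

```tcl
# Added example. internal_pool and 10.10.10.0/24 are constructed values.
when DNS_REQUEST {
    # Match the requesting local DNS against a range rather than a single host.
    if { [IP::addr [IP::client_addr]/24 equals 10.10.10.0/24] } {
        if { [active_members internal_pool] > 0 } {
            # The preferred pool has at least one active member, so use it.
            pool internal_pool
        } else {
            # Do not steer requests to an empty pool. Leave the decision to
            # the wide IP's normal load balancing and record why.
            log local0.warning "internal_pool has no active members; request from LDNS [IP::client_addr] not steered"
        }
    }
}

when LB_FAILED {
    # LB_FAILED is triggered when a connection to the server was unable to
    # complete, for example when the pool has no available members.
    log local0.warning "LB_FAILED: load balancing could not complete for a name resolution request"
}
```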
TCP commands
The Global Traffic Manager supports the following TCP commands.
UDP commands
The Global Traffic Manager supports the following UDP commands.
Removing iRules
Within the Global Traffic Manager, you can remove an iRule from a wide IP
at any time.
To remove an iRule
1. On the Main tab of the navigation pane, expand Global Traffic and
then click Wide IPs.
The main screen for wide IPs opens.
2. Click the name of the wide IP to which you want to assign an iRule.
The properties screen for the wide IP opens.
3. On the menu bar, click iRules.
The main iRules screen for the wide IP opens.
4. Click Manage.
The Manage iRules screen opens.
5. Select the iRule that you would like to remove, and then click the
Remove button to remove it.
6. Click the Finished button to save your changes.
14
Managing DNS Files with ZoneRunner
• Introducing ZoneRunner
Introducing ZoneRunner
One of the modes in which you operate the Global Traffic Manager is the
node mode. In node mode, the Global Traffic Manager is responsible not
only for load balancing name resolution requests and monitoring the health
of your physical and logical network; it is also responsible for maintaining
the DNS zone files that map name resolution requests to the appropriate
network resource.
In the Global Traffic Manager, you create, manage, and maintain DNS files
using the ZoneRunner™ utility. The ZoneRunner utility is a zone file
management utility that can manage both DNS zone files and your BIND
configuration. With the ZoneRunner utility, you can:
• Manage the DNS zones and zone files for your network, including
importing and transferring zone files
• Manage the resource records for those zones
• Manage views (a BIND 9 feature)
• Manage a local name server and its configuration file, named.conf
Note
In the Configuration utility, you must configure a zone before you configure
any other objects in the ZoneRunner utility.
To create a zone
1. On the Main tab of the navigation pane, expand Global Traffic and
click ZoneRunner.
The Resource Records List screen opens.
2. On the menu bar, click Zone List.
The Zone List screen opens.
3. Click the Create button.
The New Zone screen opens.
4. From the View Name list, select a view with which to associate the
new zone.
The default setting is external.
5. In the Zone Name box, type a fully-qualified domain name for the
zone.
Note: Do not forget the trailing dot ( . ) at the end of the name.
6. From the Zone Type list, select the type of zone that you are
configuring.
The screen refreshes to display the configuration settings for the
zone type.
Note
Each zone type has unique characteristics. The following sections describe
how to create each zone type.
Important
To complete these steps, you must first complete the process as described in
the previous section, Creating zone files, on page 14-2.
4. On the New Zone screen, select Slave from the Zone Type list.
The screen refreshes to display the configuration options for a
secondary zone.
5. In the Zone File Name box, type the name you want to use for the
zone file.
6. In the Options box, you can type any additional statements that the
zone requires. Do not delete the allow-update statement, as the
system needs this to maintain compatibility with the wide IP
information.
Important: Exercise caution when typing in the Options box. The
system writes any changes you make directly to the named.conf file.
For information on available options and syntax, refer to the BIND
documentation mentioned at the beginning of this chapter.
7. Click the Finished button to save your changes.
Before you can transfer zone files from another server, you must ensure that
you have configured the source server to allow transfers to the
destination server. You typically accomplish this task using the
allow-transfer option. See your DNS and BIND documentation for more
information.
Modifying zones
Through the ZoneRunner utility, you can modify zones on an as-needed
basis. For example, you can increase or decrease the time-to-live (TTL)
value for the zone, or change the master server for the zone.
Note
You can also add resource records to an existing zone file. See Working
with resource records, on page 14-11.
To modify a zone
1. On the Main tab of the navigation pane, expand Global Traffic and
click ZoneRunner.
The Resource Records List screen opens.
2. On the menu bar, click Zone List.
The main screen for the zone opens.
3. Click the name of the zone that you want to modify.
The properties screen for the zone opens.
4. Modify the settings for the zone as needed.
5. Click the Update button to save your changes.
Deleting zones
With the ZoneRunner utility, you can delete zones that either have become
obsolete or are no longer relevant to the Global Traffic Manager due to a
network configuration change. For example, you might adjust your name
servers, after which the Global Traffic Manager is no longer responsible for
a specific zone.
To delete a zone
1. On the Main tab of the navigation pane, expand Global Traffic and
click ZoneRunner.
The Resource Records List screen opens.
2. On the menu bar, click Zone List.
The main screen for the zone opens.
3. Click the name of the zone that you want to modify.
The properties screen for the zone opens.
4. Modify the settings for the zone as needed.
5. Click the Delete button.
A confirmation screen opens.
6. Click the Delete button again to delete the zone.
Note
Although case is preserved in names and data fields when loaded into the
name server, comparisons and lookups in the name server database are not
case-sensitive.
6. In the TTL box, type the time-to-live value for the record.
7. From the Type list, select the type of resource record that you are
configuring.
The screen refreshes to display the configuration settings for the
resource record type.
Important
To complete these steps, you must first complete the process as described in
Creating resource records, on page 14-12.
To create an A record
1. On the New Resource Record screen, select A from the Type list.
The screen refreshes to display the configuration options for an A
resource record.
2. In the IP Address box, type the IP address for the A record.
3. If you want to create a reverse record that corresponds to this record,
check Create Reverse Record.
4. Click the Finished button to save your changes.
Important
To complete these steps, you must first complete the process as described in
Creating resource records, on page 14-12.
2. In the IP Address box, type the IP address for the AAAA record.
3. If you want to create a reverse record that corresponds to this record,
check Create Reverse Record.
4. Click the Finished button to save your changes.
Important
To complete these steps, you must first complete the process as described in
Creating resource records, on page 14-12.
To create an MX record
1. On the New Resource Record screen, select MX from the Type list.
The screen refreshes to display the configuration options for an MX
resource record.
2. In the Preference box, type the preference for the mail server.
Preference is a numeric value for the preference of this mail
exchange host relevant to all other mail exchange hosts for the
domain. Lower numbers indicate a higher preference, or priority.
3. In the Mail Server box, type the appropriate domain name for the
mail server.
4. Click the Finished button to save your changes.
Important
To complete these steps, you must first complete the process as described in
Creating resource records, on page 14-12.
To create an NS record
1. On the New Resource Record screen, select NS from the Type list.
The screen refreshes to display the configuration options for an NS
resource record.
2. In the Name Server box, type the appropriate domain name for the
resource record.
3. Click the Finished button to save your changes.
build name server configurations on the same server, and have those
configurations apply dynamically when the request originates from a
specified source.
In the Global Traffic Manager, a single view is created automatically within
the ZoneRunner utility: external. If you do not want to create views, all
zones that the Global Traffic Manager maintains are associated with this
default view.
Through the ZoneRunner utility, you can:
• Add views
• Modify views
• Delete views
Adding views
If you have a DNS that is accessed from multiple communities, you can
create a view for each community. Depending on the community, the name
server uses a different configuration for resolving name requests.
To add a view
1. On the Main tab of the navigation pane, expand Global Traffic and
click ZoneRunner.
The Resource Records List screen opens.
2. On the menu bar, click View List.
The View List screen opens.
3. Click the Create button.
The New View screen opens.
4. In the View Name box, type a name for the view.
5. In the View Order box, select where the view resides in the view
hierarchy for the name server.
6. In the Options box, specify the criteria that determines when the
DNS should use the zone files associated with this view.
7. Click the Finished button to save your changes.
Modifying views
As the needs of the communities attempting to access the Global Traffic
Manager as a DNS change, you might need to modify your views. Through
the ZoneRunner utility, you can modify a view at any time.
To modify a view
1. On the Main tab of the navigation pane, expand Global Traffic and
click ZoneRunner.
The Resource Records List screen opens.
2. On the menu bar, click View List.
The View List screen opens.
3. Click the name of the view you want to modify.
The properties screen for the view opens.
4. Modify the view settings as needed. Note that you cannot change
the name of the view.
5. Click Update to apply your changes.
Deleting views
If a view is no longer necessary for your name resolutions, you can delete it
from the ZoneRunner utility.
To delete a view
1. On the Main tab of the navigation pane, expand Global Traffic and
click ZoneRunner.
The Resource Records List screen opens.
2. On the menu bar, click View List.
The View List screen opens.
3. Click the name of the view you want to delete.
The properties screen for the view opens.
4. Click the Delete button.
A confirmation screen opens.
5. Click the Delete button again to delete the view.
Important
In this procedure, we assume that you are fully familiar with the
named.conf file and the syntax of its contents. Modifying the named.conf
file carries a high level of risk, as a syntax error can prevent the entire
BIND system from performing as expected. For this reason, we recommend
that you use the user interface of the ZoneRunner utility whenever possible,
and that you exercise caution when editing the named.conf file.
A
Working with the big3d Agent
Note
We recommend that you have a big3d agent running on at least one system
in each data center in your network. This configuration ensures that the
Global Traffic Manager has timely access to the metrics associated with
network traffic.
big3d agent to each BIG-IP system in the network. See the release notes
provided with the Global Traffic Manager software for information about
which versions of the BIG-IP software the current big3d agent supports.
For details on installing the big3d agent, see Installing the big3d agent,
following.
◆ Setting up communications between big3d agents and other systems
Before the big3d agents can communicate with the Global Traffic
Managers in the network, you need to configure the appropriate ports and
tools to allow communication between the devices running the big3d
agent and Global Traffic Managers in the network. These planning issues
are discussed in Setting up communication between Global Traffic
Managers and other servers, on page A-5.
Another factor that can affect data collection is the number of client LDNS
servers that make name resolution requests. The more LDNS servers that
make resolution requests, the more path data that the big3d agents have to
collect. While round trip time for a given path may vary constantly due to
current network load, the number of hops along a network path between a
data center and a specific LDNS does not often change. Consequently, you
may want to set short timer settings for round trip time data so that it
refreshes more often, but set high timer settings for hops data because it
does not need to be refreshed often.
Table A.2 shows the protocols and corresponding ports used for iQuery
communications between big3d agents and SNMP agents that run on host
servers.
From             To               Protocol  From port  To port  Purpose
big3d agent      host SNMP agent  UDP       >1023      161      Ephemeral ports used to make SNMP queries for host statistics
host SNMP agent  big3d agent      UDP       161        >1023    Ephemeral ports used to receive host statistics using SNMP
Table A.2 Communication protocols and ports between big3d agents and SNMP agents on hosts
The virtual server translation option resolves this issue. When you configure
address translation for virtual servers, the iQuery packet stores the original
IP address in the packet payload itself. When the packet passes through a
firewall, the firewall translates the IP address in the packet header normally,
but the IP address within the packet payload is preserved. The Global
Traffic Manager reads the IP address out of the packet payload, rather than
out of the packet header.
For example, a firewall separates the path between a BIG-IP system running a
big3d agent, and the Global Traffic Manager. The packet addresses are
translated at the firewall. However, addresses within the iQuery payload are
not translated, and they arrive at the BIG-IP system in their original states.
From   To     Protocol          From port  To port  Purpose
big3d  LDNS   TCP               >1023      53       Probe using TCP (Cisco© routers: allow establish)
LDNS   big3d  TCP               53         >1023    Replies using TCP (Cisco© routers: allow establish)
LDNS   big3d  ICMP              N/A        N/A      Replies to ICMP, UDP pings, or traceroute probes
big3d  LDNS   dns_rev, dns_dot  >1023      53       Probe using DNS rev or DNS dot
LDNS   big3d  dns_rev, dns_dot  53         >1023    Replies to DNS rev or DNS dot probes
Table A.3 Communications between big3d agents and local DNS servers
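The flows in Tables A.2 and A.3 can be checked against a firewall rule list before it is deployed. The following Python sketch is an added example and is not part of the F5 manual; the rule format, the endpoint labels, the audit function, and the sample rules are constructed for illustration, and only the table rows with an explicit UDP or TCP transport are modelled.

```python
from dataclasses import dataclass

EPHEMERAL = (1024, 65535)  # ">1023" in the tables, as an inclusive port range


def port(n):
    """A single port expressed as an inclusive range."""
    return (n, n)


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    proto: str
    sport: tuple
    dport: tuple
    note: str = ""

    def key(self):
        # Everything except the free-text note.
        return (self.src, self.dst, self.proto, self.sport, self.dport)


# Required flows, transcribed from Tables A.2 and A.3 (UDP and TCP rows only).
REQUIRED = [
    Flow("big3d", "host-snmp", "udp", EPHEMERAL, port(161), "SNMP queries for host statistics"),
    Flow("host-snmp", "big3d", "udp", port(161), EPHEMERAL, "SNMP host statistics replies"),
    Flow("big3d", "ldns", "tcp", EPHEMERAL, port(53), "LDNS probe using TCP"),
    Flow("ldns", "big3d", "tcp", port(53), EPHEMERAL, "LDNS replies using TCP"),
]


def _within(inner, outer):
    return outer[0] <= inner[0] and inner[1] <= outer[1]


def covers(rule, flow):
    """True when an allow rule admits every packet of the required flow."""
    return (rule.src in (flow.src, "any")
            and rule.dst in (flow.dst, "any")
            and rule.proto == flow.proto
            and _within(flow.sport, rule.sport)
            and _within(flow.dport, rule.dport))


def audit(rules):
    """Return (missing, extra).

    missing: required flows that no allow rule covers.
    extra:   allow rules that do not match a table row exactly, because they
             are wider than the row they cover or match no row at all.
    """
    missing = [f for f in REQUIRED if not any(covers(r, f) for r in rules)]
    required_keys = {f.key() for f in REQUIRED}
    extra = [r for r in rules if r.key() not in required_keys]
    return missing, extra


# Constructed sample rule list with one gap and two over-broad entries.
SAMPLE_RULES = [
    Flow("big3d", "host-snmp", "udp", EPHEMERAL, port(161), "snmp-query"),
    Flow("host-snmp", "big3d", "udp", port(161), EPHEMERAL, "snmp-reply"),
    Flow("big3d", "ldns", "tcp", (1, 65535), port(53), "tcp-probe-any-sport"),
    Flow("any", "big3d", "udp", (1, 65535), (1, 65535), "udp-any-to-big3d"),
]

if __name__ == "__main__":
    missing, extra = audit(SAMPLE_RULES)
    for f in missing:
        print("MISSING:", f.src, "->", f.dst, f.proto, f.note)
    for r in extra:
        print("REVIEW :", r.note)
```

Rules reported as extra still pass the traffic they cover; they are listed so that the wider source, destination, or port range can be narrowed to the table row.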
B
Understanding Probes
• Introducing probes
• Understanding iQuery
Introducing probes
When you install a Global Traffic Manager in a network, that system
typically works within a larger group of BIG-IP® products. These products
include other Global Traffic Managers, Link Controllers, and Local Traffic
Managers. The Global Traffic Manager must be able to communicate with
these other systems to maintain an accurate assessment of the health and
availability of different network components. For example, the Global
Traffic Manager must be able to acquire statistical data from resources that
are managed by a Local Traffic Manager in a different data center. BIG-IP
systems acquire this information through the use of probes. A probe is an
action a BIG-IP system takes to acquire data from other network resources.
Probes are an essential means by which the Global Traffic Manager tracks
the health and availability of network resources; however, it is equally
important that the responsibility for conducting probes be distributed across
as many BIG-IP products as possible. This distribution ensures that no one
system becomes overloaded with conducting probes, which would cause a
decrease in performance in the other tasks for which a BIG-IP system is
responsible.
Note
If you are familiar with the precursor to the Global Traffic Manager, the
3-DNS Controller, you are likely already familiar with probes. With 3-DNS
Controllers, a single system, the principal system, was responsible for
managing all of the probe requests. With the introduction of the Global
Traffic Manager, these requests are distributed more efficiently across other
BIG-IP Global Traffic Manager systems.
Understanding iQuery
At the heart of probe management with Global Traffic Manager systems is
iQuery, the communications protocol that these systems use to send
information from one system to another. With iQuery, Global Traffic
Managers in the same synchronization group can share configuration
settings, assign probe requests to big3d agents, and receive data on the
status of network resources.
The iQuery protocol is an XML protocol that is sent between each system
using gzip compression and SSL. These communications can only be
allowed between systems that have a trusted relationship established, which
is why configuration tools such as big3d_install, bigip_add, and gtm_add
are critical when installing or updating Global Traffic Managers. If two
systems have not exchanged their SSL certificates, they cannot share
information with each other using iQuery.
In addition to requiring trusted relationships, systems send iQuery
communications only on the VLAN in which the system received the
incoming message. Also, iQuery communications occur only within the
same synchronization group. If your network consists of two
synchronization groups, with each group sharing a subset of network
resources, these groups both probe the network resources and communicate
with iQuery separately.
Generally, iQuery communications require no user intervention; however,
on occasion it can be necessary to view the data transmitted between each
system. For example, you might be troubleshooting the reason that a Global
Traffic Manager is exhibiting a particular behavior. In such a situation, you
can use the iqdump command.
Note
One of the first pieces of information displayed when running iQuery is the
version of the remote big3d agent. This is an excellent way of determining if
a system is running the latest version of the big3d agent.
Now, consider that you want to acquire statistical data from a resource in the
New York data center. First, the Global Traffic Manager systems, based on
their iQuery communications with each other, identify whether there is a
Global Traffic Manager that belongs to the New York data center. In this
case, the answer is yes; the New York data center contains a Global Traffic
Manager. Next, the systems determine if more than one Global Traffic
Manager belongs to the New York data center. In this case, the answer is no;
the New York data center has only a stand-alone system. Consequently, the
Global Traffic Manager in the New York data center assumes responsibility
for conducting the probe on this particular resource.
In situations where more than one Global Traffic Manager belongs to a data
center, the systems use an algorithm to distribute the responsibility for
probes equally among Global Traffic Manager systems. This distribution
ensures that each Global Traffic Manager system has an equal chance of
being responsible for managing a probe request.
To demonstrate how probe requests are delegated between two Global
Traffic Manager systems at the same data center, consider again the network
configuration at SiteRequest. This time, the company needs to acquire data
from a resource that resides at the Los Angeles data center. As with the
previous example, the first step identifies whether the Los Angeles data
center has any Global Traffic Managers; in this case, the answer is yes. The
next criterion is whether there is more than one Global Traffic Manager at
that data center; in this case, the answer is also yes: the Los Angeles data
center has a redundant system that consists of two Global Traffic Managers.
Because there are two Global Traffic Managers at this data center, each
system compares the hash value of the resource with its own information;
whichever Global Traffic Manager has the closest value to the resource
becomes responsible for managing the probe request.
A final consideration is if a data center does not have any Global Traffic
Managers at all, such as the London data center in the configuration for
SiteRequest. In these situations, the responsibility for probing a resource at
that data center is divided among the other Global Traffic Managers, much
in the same way as the responsibility is divided among Global Traffic
Managers within the same data center.
Once a Global Traffic Manager becomes responsible for managing a probe,
it remains responsible for that probe until the network configuration changes
in one of the following ways:
• The Global Traffic Manager goes offline.
• A new Global Traffic Manager is added to the data center.
• The network configuration of the resource (such as its IP address)
changes.
Now, consider that a Global Traffic Manager in the Los Angeles data center
has assumed responsibility for managing a probe for a network resource. At
this data center, the system can assign the probe to one of four big3d agents:
one for each BIG-IP system at the data center. To select a big3d, the Global
Traffic Manager looks to see which big3d agent has the fewest number of
probes for which it is responsible. The big3d agent with the lowest number
of probes is tasked with conducting the probe. The Global Traffic Manager
checks this statistic each time it needs to delegate the probe; as a result,
the big3d agent selected could change from probe instance to probe instance.
In situations where a big3d agent does not reside in the same data center as
the resource, the designated Global Traffic Manager selects a big3d from all
available big3d agents on the network. Again, the agent selected is the agent
with the fewest number of probe requests, and this check occurs each time
the probe is conducted.
For example, SiteRequest adds a new set of web servers in Tokyo. At this
location, the company has yet to install its BIG-IP systems; however, the
current set of Global Traffic Managers in Los Angeles and New York are
managing traffic to these web servers. When initiating a probe request to
determine the availability of one of these servers, a Global Traffic Manager
is selected to manage the probe request. Then, that system chooses a big3d
agent to probe the web server, selecting any big3d agent located in Los
Angeles, New York, or London.
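The delegation rules described above, for choosing the responsible Global Traffic Manager and then the big3d agent, can be expressed as the following Python sketch. It is an added example, not F5 code: the manual does not name the hash function or define "closest value", so SHA-256 and absolute numeric distance are assumptions, and all system names and probe counts are constructed.

```python
import hashlib
from dataclasses import dataclass


@dataclass
class Gtm:
    name: str
    data_center: str
    online: bool = True


@dataclass
class Big3d:
    name: str
    data_center: str
    probes: int = 0  # probes this agent is currently responsible for


def _h(text):
    # Assumption: the manual does not name the hash; SHA-256 stands in for it.
    return int.from_bytes(hashlib.sha256(text.encode()).digest()[:8], "big")


def select_gtm(resource_id, resource_dc, gtms):
    """Pick the Global Traffic Manager responsible for probing a resource."""
    online = [g for g in gtms if g.online]
    if not online:
        raise RuntimeError("no Global Traffic Manager is online")
    local = [g for g in online if g.data_center == resource_dc]
    # A data center without its own system shares the work among all others.
    candidates = local or online
    if len(candidates) == 1:
        return candidates[0]
    target = _h(resource_id)
    # Closest hash wins; the name breaks ties so every system agrees.
    return min(candidates, key=lambda g: (abs(_h(g.name) - target), g.name))


def select_big3d(resource_dc, agents):
    """Pick the big3d agent with the fewest probes, local agents first."""
    local = [a for a in agents if a.data_center == resource_dc]
    pool = local or agents  # no agent in that data center: use any agent
    chosen = min(pool, key=lambda a: (a.probes, a.name))
    chosen.probes += 1      # the chosen agent now carries one more probe
    return chosen


if __name__ == "__main__":
    # Constructed layout modelled on the SiteRequest example.
    gtms = [
        Gtm("gtm-ny", "New York"),
        Gtm("gtm-la-1", "Los Angeles"),
        Gtm("gtm-la-2", "Los Angeles"),
    ]
    agents = [
        Big3d("big3d-la-1", "Los Angeles", 3),
        Big3d("big3d-la-2", "Los Angeles", 1),
        Big3d("big3d-ny-1", "New York", 0),
    ]
    for res, dc in [("web-ny", "New York"), ("web-la", "Los Angeles"),
                    ("web-lon", "London"), ("web-tokyo", "Tokyo")]:
        owner = select_gtm(res, dc, gtms)
        agent = select_big3d(dc, agents)
        print(f"{res:10} owner={owner.name:9} agent={agent.name}")
```

Because the selection depends only on the resource identifier and the set of online systems, ownership changes only under the conditions the text lists: a system going offline, a new system joining the data center, or the resource's configuration changing.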
The Global Traffic Manager uses the specified BIG-IP system to conduct
probes on this server unless that system becomes unavailable.
Note
If you do not use Quality of Service load balancing, the Global Traffic
Manager does not conduct probes of LDNS servers.
When a given LDNS server makes a DNS request for a wide IP, that request
is sent to a single Global Traffic Manager. The Global Traffic Manager then
creates an LDNS server entry, and assigns that entry one of the following
states:
• New: the Global Traffic Manager has not come across this particular
LDNS server before
• Active: the Global Traffic Manager already has an existing entry for this
LDNS server
• Pending: the Global Traffic Manager has been contacted by this LDNS
server before, however, this server has yet to respond to a probe from a
Global Traffic Manager on this network
In general, the New and Pending states are temporary states; an LDNS
server remains in one of these states only until it responds to the first probe
request from a Global Traffic Manager. Once the Global Traffic Manager
receives a response, the LDNS entry is moved to the Active state. Each
Global Traffic Manager within a given synchronization group shares the
LDNS entries that are assigned this state, resulting in the synchronization
group having a common list of known LDNS servers.
Unlike internal probes, LDNS probes are not load balanced across Global
Traffic Managers. Instead, the Global Traffic Manager that the LDNS server
first queries becomes responsible for the initial probe to that LDNS. These
probes are load balanced, however, across the multiple big3d agents, with
preference given to big3d agents that either belong to the same data center
as the responding Global Traffic Manager, or belong to the same link
through which the Global Traffic Manager received the LDNS query. After
the initial probe, an algorithm is used to load balance subsequent probes
across the available Global Traffic Manager systems.
The process for identifying and managing LDNS probe requests is as
follows:
1. An LDNS server sends a DNS request to a Global Traffic Manager.
Again, if you do not use Quality of Service load balancing modes, the
Global Traffic Managers do not conduct LDNS server probes.
Glossary
3-DNS Controller
See Global Traffic Manager.
A record
The A record is the ADDRESS resource record that a Global Traffic
Manager returns to a local DNS server in response to a name resolution
request. The A record contains a variety of information, including one or
more IP addresses that resolve to the requested domain name.
active unit
In a redundant system, an active unit is a system that currently load balances
name resolution requests. If the active unit in the redundant system fails, the
standby unit assumes control and begins to load balance requests.
alternate method
The alternate method specifies the load balancing mode that the Global
Traffic Manager uses to pick a virtual server if the preferred method fails.
See also fallback method, preferred method.
big3d agent
The big3d agent is a monitoring agent that collects metrics information
about server performance and network paths between a data center and a
specific local DNS server. The Global Traffic Manager uses the information
collected by the big3d agent for dynamic load balancing.
CNAME record
A canonical name (CNAME) record acts as an alias to another domain
name. A canonical name and its alias can belong to different zones, so the
CNAME record must always be entered as a fully qualified domain name.
CNAME records are useful for setting up logical names for network
services so that they can be easily relocated to different physical hosts.
completion rate
The completion rate is the percentage of packets that a server successfully
returns during a given session.
Configuration utility
The Configuration utility is the browser-based application that you use to
configure the Global Traffic Manager.
data center
A data center is a physical location that houses one or more Global Traffic
Managers, BIG-IP systems, or host machines.
domain name
A domain name is a unique name that is associated with one or more IP
addresses. Domain names are used in URLs to identify particular Web
pages. For example, in the URL http://www.f5.com/index.html, the
domain name is f5.com.
fail-over
Fail-over is the process whereby a standby unit in a redundant system takes
over when a software failure or hardware failure is detected on the active
unit.
fail-over cable
The fail-over cable is the cable that directly connects the two system units in
a hardware-based redundant system.
fallback method
The fallback method is the third method in a load balancing hierarchy that
the Global Traffic Manager uses to load balance a resolution request. The
Global Traffic Manager uses the fallback method only when the load
balancing modes specified for the preferred and alternate methods fail.
Unlike the preferred method and the alternate method, the fallback method
uses neither server nor virtual server availability for load balancing
calculations. See also preferred method, alternate method.
host
A host is a network server that manages one or more virtual servers that the
Global Traffic Manager uses for load balancing.
iQuery
The iQuery protocol is used to exchange information between Global
Traffic Managers and BIG-IP systems. The iQuery protocol is officially
registered with IANA for port 4353, and works on UDP and TCP
connections.
Kilobytes/Second mode
The Kilobytes/Second mode is a dynamic load balancing mode that
distributes connections based on which available server currently processes
the fewest kilobytes per second.
local DNS
A local DNS is a server that makes name resolution requests on behalf of a
client. With respect to the Global Traffic Manager, local DNS servers are
the source of name resolution requests. Local DNS is also referred to as
LDNS.
metrics information
Metrics information is the data that is typically collected about the paths
between BIG-IP systems and local DNS servers. Metrics information is also
collected about the performance and availability of virtual servers. Metrics
information is used for load balancing, and it can include statistics such as
round trip time, packet rate, and packet loss.
name resolution
Name resolution is the process by which a name server matches a domain
name request to an IP address, and sends the information to the client
requesting the resolution.
name server
A name server is a server that maintains a DNS database, and resolves
domain name requests to IP addresses using that database.
named
The named daemon manages domain name server software.
NS record
A name server (NS) record is used to define a set of authoritative name
servers for a DNS zone. A name server is considered authoritative for some
given zone when it has a complete set of data for the zone, allowing it to
answer queries about the zone on its own, without needing to consult
another name server.
packet rate
The packet rate is the number of data packets per second processed by a
server.
path
A path is a logical network route between a data center server and a local
DNS server.
path probing
Path probing is the collection of metrics data, such as round trip time and
packet rate, for a given path between a requesting LDNS server and a data
center server.
persistence
On a Global Traffic Manager, persistence is a series of related requests
received from the same local DNS server for the same wide IP name. When
persistence is turned on, a Global Traffic Manager sends all requests from a
particular local DNS server for a specific wide IP to the same virtual server,
instead of load balancing the requests.
picks
Picks represent the number of times a particular virtual server is selected to
receive a load balanced connection.
pool
A pool is a group of virtual servers managed by a BIG-IP system, or a host.
The Global Traffic Manager load balances among pools (using the Pool LB
Mode), as well as among individual virtual servers.
pool ratio
A pool ratio is a ratio weight applied to pools in a wide IP. If the Pool LB
mode is set to Ratio, the Global Traffic Manager uses each pool for load
balancing in proportion to the weight defined for the pool.
preferred method
The preferred method specifies the first load balancing mode that the Global
Traffic Manager uses to load balance a resolution request. See also alternate
method, fallback method.
probe
A probe is a specific query, initiated by a big3d agent, that attempts to
gather specific data from a given network resource. Probes are most often
employed when a health monitor attempts to verify the availability of a
resource.
QOS equation
The QOS equation is the equation on which the Quality of Service load
balancing mode is based. The equation calculates a score for a given path
between a data center server and a local DNS server. The Quality of Service
mode distributes connections based on the best path score for an available
data center server. You can apply weights to the factors in the equation, such
as round trip time and completion rate.
ratio
A ratio is the parameter in a virtual server statement that assigns a weight to
the virtual server for load balancing purposes.
Ratio mode
The Ratio load balancing mode is a static load balancing mode that
distributes connections across a pool of virtual servers in proportion to the
ratio weight assigned to each individual virtual server.
redundant system
A redundant system is a pair of units that are configured for fail-over. In a
redundant system, one system runs as the active unit and the other system
runs as the standby unit. If the active unit fails, the standby unit takes over
and manages resolution requests.
resource record
A resource record is a record in a DNS database that stores data associated
with domain names. A resource record typically includes a domain name, a
TTL, a record type, and data specific to that record type. See also A record,
CNAME record, NS record.
reverse domains
A type of DNS resolution request that matches a given IP address to a
domain name. The more common type of DNS resolution request starts with
a given domain name and matches that to an IP address.
secondary DNS
The secondary DNS is a name server that retrieves DNS data from the name
server that is authoritative for the DNS zone.
Setup utility
The Setup utility is a utility that takes you through the initial system
configuration process. The Setup utility runs automatically when you turn
on a system for the first time.
standby unit
A standby unit is a system in a redundant system that is always prepared to
become the active unit if the active unit fails.
subdomain
A subdomain is a sub-section of a higher level domain. For example, .com is
a high level domain, and F5.com is a subdomain within the .com domain.
synchronization group
A synchronization group is a group of Global Traffic Managers that
synchronize system configurations and zone files (if applicable). All
synchronization group members receive broadcasts of metrics data from the
big3d agents throughout the network. All synchronization group members
also receive broadcasts of updated configuration settings from the Global
Traffic Manager that has the latest configuration changes.
Topology mode
The Topology mode is a static load balancing mode that bases the
distribution of name resolution requests on the weighted scores for topology
records. Topology records are used by the Topology load balancing mode to
redirect DNS queries to the closest virtual server, geographically, based on
location information derived from the DNS query message.
topology record
A topology record specifies a score for a local DNS server location endpoint
and a virtual server location endpoint.
topology score
The topology score is the weight assigned to a topology record when the
Global Traffic Manager is filtering the topology records to find the best
virtual server match for a DNS query.
topology statement
A topology statement is a collection of topology records.
unavailable
The unavailable status is used for data center servers and virtual servers.
When a data center server or virtual server is unavailable, the Global
Traffic Manager does not use it for load balancing.
unknown
The unknown status is used for data center servers and virtual servers.
When a data center server or virtual server is new to the Global Traffic
Manager and does not yet have metrics information, the Global Traffic
Manager marks its status as unknown. The Global Traffic Manager can use
unknown servers for load balancing, but if the load balancing mode is
dynamic, the Global Traffic Manager uses default metrics information for
the unknown server until it receives live metrics data.
up
The up status is used for data center servers and virtual servers. When a data
center server or virtual server is up, the data center server or virtual server is
available to respond to name resolution requests.
virtual server
A virtual server is a specific combination of a virtual IP address and virtual
port, and is associated with a content site that is managed by a BIG-IP
system or host server.
wide IP
A wide IP is a collection of one or more domain names that maps to one or
more groups of virtual servers managed either by BIG-IP systems, or by
host servers. The Global Traffic Manager load balances name resolution
requests across the virtual servers that are defined in the wide IP that is
associated with the requested domain name.
zone
In DNS terms, a zone is a subset of DNS records for one or more domains.
zone file
In DNS terms, a zone file is a database set of domains with one or many
domain names, designated mail servers, a list of other name servers that can
answer resolution requests, and a set of zone attributes, which are contained
in an SOA record.
ZoneRunner
ZoneRunner™ is the utility that allows you to manage your resource records,
zone files, and named configuration associated with your implementation of
DNS and BIND.