GSLB Integration with F5 GTM

To ensure high availability across geographic regions or data centers, NSX Advanced Load Balancer recommends using multiple data centers to distribute risk and reduce failure domains. NSX Advanced Load Balancer works with most GSLB solutions, though the level of integration depends on the vendor used.

This is useful in deployments when there are GSLBs from other vendors, that provide DNS-based load balancing across geographies. For more information on configuring GSLB capabilities of NSX Advanced Load Balancer, see GSLB Configuration.

Assumptions

The scope of this section covers the integration of NSX Advanced Load Balancer with F5 GTM.

The followings are the assumptions:

NSX Advanced Load Balancer is installed in one or more data centers
F5’s BIG-IP GTM is installed

GTM may or may not be installed in the same data centers where NSX Advanced Load Balancer will be providing local application delivery services.

Configuring NSX Advanced Load Balancer

No special configuration is required for virtual services load balanced through GSLBs. The virtual services may exist on a single NSX Advanced Load Balancer Controller cluster or they may exist across multiple Controller clusters in different data centers.

Creating GTM Pool on F5

Navigate to DNS > GSLB > Pool. Select Create and configure the following fields:


Field	Description
Name	Enter a name for the GTM pool.
Health Check	Apply a health monitor appropriate for the application type. TCP Monitor If a basic TCP health monitor is used, an additional configuration change is recommended on the NSX Advanced Load Balancer virtual service. From the NSX Advanced Load Balancer UI, edit the desired virtual service and navigate to the Advanced tab. Enable the Remove Listening Port when virtual service is `Down`. When this option is deactivated (the default), NSX Advanced Load Balancer accepts the TCP connection, and then sends a `Reset`. GTM marks this virtual service as `Up`, even though it received a `Reset`. When the option is activated, NSX Advanced Load Balancer does not accept the connection, which ensures a down virtual service is correctly marked `down` on the GTM.
Member List	From the Virtual Server drop-down menu, select the appropriate virtual services from the list and click Add. The virtual services must have been added in the previous Create LB step.

Create GTM WideIP on F5

Navigate to DNS > GSLB > WideIP. Click Create and configure the following fields:


Field	Description
Name	Enter the FQDN of the application.
Pool List	Add the GTM pool to the list.

Creating Load Balancer Server Object on F5

Add the NSX Advanced Load Balancer as a load balancer object to the GTM. From within the GTM GUI, navigate to DNS > GSLB > Server and select Create. Configure the following fields within the General Properties section.


Field	Description
Name	Unique NSX Advanced Load Balancer instance name, for example, NSX Advanced Load Balancer_DC1.
Product	Generic Load balancer.
Address	With the recommended configuration, the GTM never uses this IP address. Nonetheless, the field must have a value, so enter any IP address of an NSX Advanced Load Balancer Controller from the cluster and click Add.
Data Center	Select a pre-configured GTM data center object, for example, DataCenter1. The GTM uses this information to determine which device will send health checks to NSX Advanced Load Balancer.

The Configuration section:


Field	Description
Health Monitor	It is recommended to leave the Health Monitor field empty. It is optional to add a health check to verify access to NSX Advanced Load Balancer. This involves the GTM sending a query to the IP address of the NSX Advanced Load Balancer Controller. This additional check is not recommended by default as it requires the GTM to have access to the Controllers, which are often on protected management networks. If this check is required, the Address and Translation Address of the NSX Advanced Load Balancer server object must be correct. The health monitor to check access to the NSX Advanced Load Balancer Controller is added using the Health Monitor setting. Note: Access to the Controllers does not reflect successful access to the application virtual service.

Within the Resources section, each virtual service must be added to the NSX Advanced Load Balancer server object:


Field	Description
Name	Name of the virtual service.
Address	IP address of the VIP.
Service Port	Port used to access the virtual service.
Translation	If the virtual service is NATed between NSX Advanced Load Balancer and the client, enter the public IP address that clients must access.
Translation Port	If the virtual service is PATed (port has been changed) between NSX Advanced Load Balancer and the client, enter the public port that clients must access.