iQuery statistics descriptions
105BIG-IP® Global Traffic Manager™: Implementations
Index
A
address mapping, about IPv6 to IPv4 36
allow-transfer statement, modifying for zone file transfers 23, 59 Anycast, See IP Anycast. 64, 65
authentication
and SSL certificate chains 92 and SSL certificates 88
authoritative name server, designating GTM 18, 24 authorizing BIG-IP communications 76
auto-discovery, disabling at the global-level 49
B
big3d_install script, running 79 big3d agent
and iQuery 76
and monitor timeout values 68 and SSL certificates 88 importing certificate chains 91 importing root certificate 89 upgrading 79
BIG-IP communications 76 BIG-IP LTM
and route domains 40 and server definition 78
BIG-IP systems, and iQuery connections 104 BIND server
and default DNS profiles 60 and GTM 60
Bridge mode
and global traffic management 29 and listeners 29
defined 29
C
CA servers, and device certificates 90 certificate chains
and SSL authentication 90 creating 90
verifying exchange 91 certificate exchange, verifying 89 certificates
importing device 88, 90 clusters, configuring 68 configuration files, acquiring 73 configuration synchronization
about 70
enabling for GTM 84 connection refused error
and listeners 24 and TCP protocol 24
connections
viewing iQuery statistics 104 viewing status 104
custom DNS profiles See also DNS profiles. creating 64
enabling DNS Express 59 See also DNS profiles.
D
data centers
assigning Prober pools 100 creating 71
defining 77, 83
DDoS attacks, about mitigating 58 default DNS profiles, and listeners 60 delegated zones
and listeners 18
creating on local DNS servers 17 deterministic probing, implementing 98 device certificates and CA servers 88 importing 88, 90 DNS Express about 58 enabling 59 DNS Express profiles assigning to listener 60 assigning to virtual servers 60 DNS Express TSIG key, creating 58 DNS Express zones
and statistics 60 creating 58 DNS profiles
and IPv6 to IPv4 mapping 37
and listeners configured for route advertisement 64 assigning to virtual servers 37
creating 64
customizing to handle IPV6 to IPv4 address mapping 36 enabling DNS Express 59
handling non-wide IP queries 64 DNS requests for GTM, load balancing 79 DNSSEC
about manual rollover of keys 52 and DNS infrastructure illustrated 52 configuring compliance 52
DNSSEC keys
about manual rollover 52 and synchronization groups 55 creating for emergency rollover 53 creating for key signing 53 creating for zone signing 53
107 Index
DNSSEC zones
and signature validation 55 assigning keys 54 creating 54
DNS server pools, and listeners 32 DNS servers
and custom DNS Express profiles 60 and GTM 28
and pools 32 and wide IPs 16
configuring to allow zone file transfers 23, 59 creating pools 32
delegating wide IP requests 16 identifying legacy 17, 24 modifying 18, 24 replacing with GTM 22 DNS services, about IP Anycast 64 DNS traffic
and GTM 28 and wide IPs 28
creating listeners to forward 29, 30 creating listeners to identify 24 forwarding 28
identifying 18 routing 28
E
emergency rollover
and DNSSEC key-signing keys 53 and DNSSEC zone-signing keys 53
F
file transfers, See zone file transfers. 23, 59 forwarding traffic to DNS servers 28
G
global traffic management and Bridge mode 29 and Router mode 29
load balancing to a pool of DNS servers 32 gtm_add script
and server status 72 running 73 using 85 gtmd agent
and importing root certificates 89 and iQuery 76
and SSL certificates 88 importing certificate chains 91
H
hosts, defining 94
I
important considerations, adding GTM to network 70 integrating with existing DNS servers 16
integration of GTM with older systems 76 intelligent probing, about 98
IP Anycast about 64 and listeners 65 IPv4-only servers
and mapping to IPv6-only clients 36 passing traffic from IPv6-only clients 37 IPv6-only clients
about mapping to IPv4-only servers 36 passing traffic to IPv4-only DNS servers 37 IPv6 to IPv4 mapping
and DNS profiles 36, 37 configuring virtual servers 37 iQuery
and big3d agent 76 and gtmd agent 76 and statistics 104
viewing statistics about connections 104 viewing status of connections 104 iQuery connections and statistics 104 and status 104 iRules, accessing 68
K
key generationsSee also DNSSEC keys. and creating new generations 55
See also DNSSEC keys. key-signing keys
about manual rollover 52 creating 53
L
LDNS, creating delegated zones 17 legacy DNS servers
and zone files 23
identifying by self IP addresses on BIG-IP GTM 17, 24 Level 1, about SSL authentication 88
listeners
about wildcard 17, 22, 29, 32 advertising virtual addresses 66 and Bridge mode 29
and network traffic 17, 22, 29, 32 and pools of DNS servers 32 and refused connection error 24 and route advertisement 66 and Router mode 29 and TCP protocol 24 and UDP protocol 24 and ZebOS 64
listeners (continued)
creating to forward DNS traffic 29, 30 creating to handle wide IP traffic locally 18 creating to identify DNS traffic 24, 82 defined 17, 22, 29, 32
dynamic routing protocol 64 load balancing DNS requests for GTM 79 load balancing process
about Prober pool status 99
about traffic management capabilities 76 and non-wide IP traffic 32
and Prober pools 98
load balancing traffic to a pool of DNS servers 32 local BIND servers, and DNS profiles 64 local DNS servers, and replacing with GTM 22 logs, and Prober pool data 101
LTM
and route domains 40, 46 and server definition 78
M
manual rollover, and DNSSEC keys 52 mitigation of DDos attacks 58
monitor timeout, and virtual server status 68
N
network, deploying GTM for single route domain 40 network connection issues, diagnosing 104
network placement of GTM forwarding traffic 29 network traffic, and listeners 17, 22, 29, 32 non-wide IP queries, and custom DNS profiles 64 NTP servers
and synchronization groups 70 defining 71, 82
P
placement of GTM on network to forward traffic 29 pools, and DNS servers 32
primary servers, defining for zones 18, 24 Prober pools
about 98 about statistics 99 about status 99 and data centers 100 and deterministic probing 98 and logs 101
and servers 101 and statistics 101
and upgrading to version 11.0 14 creating 100
profiles
creating DNS 36
creating for DNS Express 59
R
redundant system configurations and GTM 82
defining servers 83 refused connection error 24 replacing local DNS servers 22 rollover, See emergency rollover. 82 root certificates, importing 89 root servers, and zones 18, 24
route advertisement, and listeners 65, 66 route domains
and GTM 40 and LTM 40, 46
and self IP addresses 42, 49 and server definition 42, 49 and VLANs 41, 48 creating 41, 48
deploying GTM on network with multiple route domains 46 route health injection
See also IP Anycast. about 64
See also IP Anycast. Router mode
and global traffic management 29 and listeners 29
routing traffic to DNS servers 28
S
scripts
running big3d_install script 79 running gtm_add script 72 self IP addresses
and route domains 49 creating for route domains 42
creating on GTM for legacy DNS servers 17, 24 self-signed SSL certificates, about 88
server pools, and listeners 32 servers
assigning Prober pools 101 defining BIG-IP LTM systems 78 defining for BIG-IP GTM 77 defining for route domains 42, 49
defining GTM redundant system configurations 83 defining new BIG-IP GTM 72
defining third-party host servers 94 signature validation, of DNSSEC zones 55
single route domain, deploying GTM on network 40 SNMP monitoring
and third-party host servers 94 creating monitors 94
SSL authentication about 88
and certificate chains 92 defined 88
SSL certificates
about Level 1 SSL authentication 88 about self-signed 88
and big3d agent 89, 91
109 Index
SSL certificates (continued) and CA servers 88
and certificate chain authentication 90 and gtmd agent 89, 91
and verifying chain exchange 91 creating chains 90
signed by third party 88 verifying exchange 89 statistics
about iQuery 104 and Prober pools 99
viewing for DNS Express zones 60 viewing for Prober pools 101 status, and Prober pools 99 synchronization about 70 and NTP servers 70 enabling 71 enabling for GTM 84 synchronization groups about 70 adding new GTM 70
and DNSSEC key generations 55 illustrated 70
system upgrades, and Prober pools 14
T
TCP protocol
and connection refused error 24 and listeners 24
third-party servers, and SNMP monitoring 94 traffic forwarding, placement of GTM 29 TSIG key, creating for DNS Express 58
U
UDP protocol, and listeners 24 upgrades, and Prober pools 14
V
VIPRION systems, and GTM 68 virtual addresses, advertising 66 virtual servers
and IPv6 to IPv4 mapping 37 assigning DNS Express profiles 60 assigning DNS profiles 37 configuring status dependency 68
disabling auto-discovery at the global-level 49
passing traffic between IPv6-only clients and IPv4-only DNS servers 37
virtual server status, setting for clusters 68 VLANs
creating for a route domain on BIG-IP LTM 48 creating for route domains 41