

Questions and Answers


Here is the issue I have with DNS/GTM. We have our own DNS servers that run the main domain, i.e. test.com. Specific subdomains are delegated to the GTMs, such as marek.test.com. This works great.

However, now we want to put the main site, test.com, on the GTMs while keeping all the other subdomains like corp.test.com on our main DNS servers.

Does anyone know how you can delegate just the main domain to the GTMs? So any queries coming to our DNS servers for test.com will get forwarded to the GTMs, while others like corp.test.com will get answered by our DNS servers. The DNS folks at my company are stating this cannot be done due to the SOA present on test.com.

Any help would be greatly appreciated. Thank you.

Marek

11 Answer(s):

Hi Marek,
Did you look into ZoneRunner on the GTM?

You can find information about ZoneRunner here

https://support.f5.com/kb/en-us/products/big-ip_gtm/manuals/product/bigipgtm9_2_2/BIG-IP_9_2_2GTM_Guide-17-1.html#wp999886


I hope this helps
#Bhattman

I think this is just for syncing the zones. We do not want the GTM to be the authoritative server for the entire test.com zone. Just for test.com. I think the ZoneRunner just helps in syncing the zone files.

When our DNS servers receive a request for test.com we want them to forward it to the GTMs. If our DNS servers receive a request for corp.test.com we want the DNS to resolve locally.

Yes, I now understand. Unfortunately, I think you just hit the DNS laws of physics. Unfortunately the record w/o the "www" is the root record and I don't think you can have the GTM host the root record and the other DNS server be authoritative for the same domain.

My 2 cents

#Bhattman

While there might be a way to do what you want, why not just use CNAMEs for the stuff on your F5 and leave your DNS server authoritative for everything else?

I asked the same thing. Our DNS folks stated you cannot use the CNAME on a root record that has an SOA. Do you know if this is true?

Yes that is very true. Any reason why you can't make test.com the authoritative on the GTM?

#Bhattman

You can configure the GTM with a wideip for test.com, then configure a pool on the listener VIP to load-balance to the downstream DNS servers for all subdomains. This is very similar to how BIND runs on the box, except using an external DNS server...

-John

You could also set up the GTM in front of your authoritative name servers (architecturally, bridged or routed) and intercept the test.com queries, and any other queries for that matter, and pass all other traffic the GTM is not interested in back to them. It works well, though I'd recommend staying away from the bridging side of that solution.

I am exceptionally late to the party but I am looking for help on something else and came across your post.

We do this a lot.  For policy reasons we could not have our GTMs participate in DNS for our highest level domains.  However we have delegated a sub domain to the GTMs just fine and CNAME specific entries.

example.com is served by our external DNS servers
lb.example.com is served by our GTMs and sub domain is delegated in example.com to a self IP on our GTMs

On the GTMs we set up the basics for the lb.example.com subdomain, SOA, NS etc. and then add pools, wideips and so on.

Then we configure a wideip for www.lb.example.com and make www.example.com a CNAME for www.lb.example.com.

Voila, the GTMs are not directly involved in serving example.com.

Regards,
-Alan

I’d like to piggyback on Alan’s post.

What I do is just delegate the wide IP from the primary zone to the GTM. Thus for the www wide IP, the primary zone has NS records pointing to the GTMs:

www  NS  ns1.mygtm.com.
www  NS  ns2.mygtm.com.

This eliminates the need for cname records.

Mike
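
The constraint raised in this thread (a CNAME cannot share an owner name with other records, so an apex that carries SOA and NS cannot be a CNAME) and the two delegation patterns from Alan's and Mike's replies, as an added Python example that is not part of the original thread. The zones are constructed samples in a simplified "owner type rdata" form, and gtm1.example.net. is a hypothetical GTM name server.

```python
from collections import defaultdict

ORIGIN = "example.com."
BASE = ("@ SOA ns1.example.com. hostmaster.example.com. 1 3600 600 86400 300\n"
        "@ NS ns1.example.com.\n")

# Constructed sample zones (no TTL or class columns, for brevity).
APEX_CNAME = BASE + "@ CNAME www.lb.example.com.\n"   # the rejected idea
SUBZONE = BASE + ("lb NS gtm1.example.net.\n"         # hypothetical GTM name
                  "www CNAME www.lb.example.com.\n"   # Alan's pattern
                  "corp A 192.0.2.10\n")
WIDEIP_NS = BASE + ("www NS ns1.mygtm.com.\n"         # Mike's pattern
                    "www NS ns2.mygtm.com.\n"
                    "corp A 192.0.2.10\n")

def parse(zone_text, origin=ORIGIN):
    """Turn 'owner type rdata' lines into (fqdn, type, rdata) tuples."""
    records = []
    for line in zone_text.splitlines():
        line = line.split(";")[0].strip()             # drop comments
        if not line:
            continue
        owner, rtype, rdata = line.split(None, 2)
        if owner == "@":
            fqdn = origin
        elif owner.endswith("."):
            fqdn = owner
        else:
            fqdn = f"{owner}.{origin}"
        records.append((fqdn.lower(), rtype.upper(), rdata))
    return records

def check(records, origin=ORIGIN):
    """Return (cname_conflicts, delegated_names) for one parent zone."""
    by_owner = defaultdict(set)
    for fqdn, rtype, _ in records:
        by_owner[fqdn].add(rtype)
    # A CNAME must be the only data at its owner name.
    conflicts = [(name, sorted(types - {"CNAME"}))
                 for name, types in sorted(by_owner.items())
                 if "CNAME" in types and len(types) > 1]
    # NS below the apex is a zone cut: that name is answered elsewhere.
    delegated = sorted(n for n, t in by_owner.items() if "NS" in t and n != origin)
    return conflicts, delegated

if __name__ == "__main__":
    for label, zone in [("apex CNAME", APEX_CNAME), ("subzone + CNAME", SUBZONE),
                        ("wide IP NS", WIDEIP_NS)]:
        print(label, check(parse(zone)))
```
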

Hi Guys,

Does enabling allow-transfer on DNS servers and creating a master zone file mean GTM will be the primary DNS right away?
