Forum Discussion

adrian_171483
May 12, 2015

FQDN Node "flush"

Hi all,

We are deploying new Virtual Servers in 11.6.0 using the FQDN node feature. We have observed that when the DNS record for the FQDN is changed, the old record remains as an ephemeral node and is kind of "stuck" in the virtual server.

This is a problem for us as that previous web server system might still be live, and I am wondering if this can be flushed when a new record is learned after the timeout period?

We often switch URLs to the DR platform, and then switch back using DNS. We don't want the DR system to be present after the switchback.

Thanks,

Adrian

10 Replies

  • I am wondering if this can be flushed when a new record is learned after the timeout period?

    Can you try to restart bigd? I may be wrong, but I think BIG-IP will resolve the FQDN node when bigd is restarted.

    # restart bigd

    [root@ve11c:Active:In Sync] config # tmsh list ltm node google
    ltm node google {
        fqdn {
            autopopulate enabled
            name www.google.com
        }
        state fqdn-up
    }
    [root@ve11c:Active:In Sync] config # date; tmsh restart sys service bigd
    Tue May 12 19:25:42 SGT 2015
    [root@ve11c:Active:In Sync] config #

    # tcpdump

    [root@ve11c:Active:In Sync] config # tcpdump -nni 0.0 -s0 port 53
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on 0.0, link-type EN10MB (Ethernet), capture size 65535 bytes
    19:26:01.144898 IP 172.28.24.13.33478 > 8.8.8.8.53:  26437+ A? www.google.com. (32) out slot1/tmm1 lis=
    19:26:01.150778 IP 8.8.8.8.53 > 172.28.24.13.33478:  26437 6/0/0 A 74.125.130.105, A 74.125.130.103, A 74.125.130.147, A 74.125.130.99, A 74.125.130.106, A 74.125.130.104 (128) in slot1/tmm1 lis=
    19:26:06.149613 IP 172.28.24.13.48936 > 8.8.8.8.53:  26437+ A? www.google.com. (32) out slot1/tmm1 lis=
    19:26:06.157343 IP 8.8.8.8.53 > 172.28.24.13.48936:  26437 5/0/0 A 173.194.117.115, A 173.194.117.114, A 173.194.117.113, A 173.194.117.116, A 173.194.117.112 (112) in slot1/tmm1 lis=
    
    • adrian_171483
      I was kind of hoping for a timer that would flush out the record without any intervention
  • I was kind of hoping for a timer that would flush out the record without any intervention

    I thought you wanted to do it manually.

    If not, doesn't interval work?

    # trace

    [root@ve11c:Active:In Sync] config # tcpdump -nni 0.0 -s0 port 53
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on 0.0, link-type EN10MB (Ethernet), capture size 65535 bytes
    20:57:51.516574 IP 172.28.24.13.33233 > 8.8.8.8.53:  50723+ A? www.google.com. (32) out slot1/tmm0 lis=
    20:57:51.522262 IP 8.8.8.8.53 > 172.28.24.13.33233:  50723 6/0/0 A 74.125.130.147, A 74.125.130.105, A 74.125.130.106, A 74.125.130.99, A 74.125.130.104, A 74.125.130.103 (128) in slot1/tmm0 lis=
    
    20:58:51.506075 IP 172.28.24.13.59459 > 8.8.8.8.53:  50723+ A? www.google.com. (32) out slot1/tmm0 lis=
    20:58:51.512165 IP 8.8.8.8.53 > 172.28.24.13.59459:  50723 5/0/0 A 173.194.117.81, A 173.194.117.80, A 173.194.117.84, A 173.194.117.82, A 173.194.117.83 (112) in slot1/tmm0 lis=
    
    # configuration

    [root@ve11c:Active:In Sync] config # date; tmsh list ltm node google* one-line | grep -iv 200.200.200
    Tue May 12 20:58:02 SGT 2015
    ltm node google { fqdn { autopopulate enabled interval 60 name www.google.com } state fqdn-up }
    ltm node google-74.125.130.99 { address 74.125.130.99 ephemeral true fqdn { name www.google.com } }
    ltm node google-74.125.130.103 { address 74.125.130.103 ephemeral true fqdn { name www.google.com } }
    ltm node google-74.125.130.104 { address 74.125.130.104 ephemeral true fqdn { name www.google.com } }
    ltm node google-74.125.130.105 { address 74.125.130.105 ephemeral true fqdn { name www.google.com } }
    ltm node google-74.125.130.106 { address 74.125.130.106 ephemeral true fqdn { name www.google.com } }
    ltm node google-74.125.130.147 { address 74.125.130.147 ephemeral true fqdn { name www.google.com } }
    [root@ve11c:Active:In Sync] config #
    [root@ve11c:Active:In Sync] config #
    [root@ve11c:Active:In Sync] config # date; tmsh list ltm node google* one-line | grep -iv 200.200.200
    Tue May 12 20:58:57 SGT 2015
    ltm node google { fqdn { autopopulate enabled interval 60 name www.google.com } state fqdn-up }
    ltm node google-173.194.117.80 { address 173.194.117.80 ephemeral true fqdn { name www.google.com } }
    ltm node google-173.194.117.81 { address 173.194.117.81 ephemeral true fqdn { name www.google.com } }
    ltm node google-173.194.117.82 { address 173.194.117.82 ephemeral true fqdn { name www.google.com } }
    ltm node google-173.194.117.83 { address 173.194.117.83 ephemeral true fqdn { name www.google.com } }
    ltm node google-173.194.117.84 { address 173.194.117.84 ephemeral true fqdn { name www.google.com } }
    
    • adrian_171483
      The interval is 3600 seconds but the ephemeral node is still in there (after 2 days) even though the DNS entry does not exist any more
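
A check for the condition reported above, as an added example that is not part of the original thread and is not F5 code: it parses the `one-line` node format shown in the replies and lists ephemeral nodes whose address is missing from the current DNS answer. The node names, FQDN and addresses in the sample are constructed.

```shell
#!/bin/bash
# Added example (not from the thread): list ephemeral FQDN nodes whose address
# is no longer in the current DNS answer. Parses the one-line node format
# shown in the thread's tmsh output.

# Usage: stale_ephemeral_nodes FQDN "ADDR ADDR ..." < one-line-node-listing
# Prints "node-name address" per stale node. Returns 2 when the address list
# is empty, so a failed lookup is not mistaken for "every node is stale".
stale_ephemeral_nodes() {
    if [ -z "$(printf '%s' "$2" | tr -d ' \t\n')" ]; then
        echo "no current addresses for $1; not evaluating" >&2
        return 2
    fi
    FQDN_NAME="$1" CURRENT_ADDRS="$2" awk '
        BEGIN {
            # Whitespace-separated (spaces or newlines) set of live addresses.
            n = split(ENVIRON["CURRENT_ADDRS"], a, " ")
            for (i = 1; i <= n; i++) current[a[i]] = 1
        }
        # Only ephemeral nodes; the parent FQDN node has no "ephemeral true".
        $1 == "ltm" && $2 == "node" && /ephemeral true/ {
            addr = ""; name = ""
            for (i = 4; i < NF; i++) {
                if ($i == "address") addr = $(i + 1)
                if ($i == "name")    name = $(i + 1)
            }
            if (name == ENVIRON["FQDN_NAME"] && addr != "" && !(addr in current))
                print $3, addr
        }'
}

# Constructed sample listing (documentation addresses, hypothetical names).
sample_node_listing() {
    cat <<'EOF'
ltm node app { fqdn { autopopulate enabled interval 3600 name app.example.com } state fqdn-up }
ltm node app-192.0.2.10 { address 192.0.2.10 ephemeral true fqdn { name app.example.com } }
ltm node app-198.51.100.20 { address 198.51.100.20 ephemeral true fqdn { name app.example.com } }
ltm node other-192.0.2.99 { address 192.0.2.99 ephemeral true fqdn { name other.example.com } }
EOF
}

# DNS now returns only 198.51.100.20 and .21, so the 192.0.2.10 node is stale.
sample_node_listing | stale_ephemeral_nodes app.example.com "198.51.100.20 198.51.100.21"
```

On a live system the listing would come from the `tmsh list ltm node google* one-line` command used in the thread, and the address list from a resolver lookup for the same name; a stale entry that outlives several intervals is the case where traffic can still reach the DR system after switchback.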