David__Pasch
Feb 16, 2016

GTM w/o BIND and NS Records

Hey all! Happy Cupcakes!

 

I am having an issue where some clients are having issues looking up records on the GTM. We have a basic configuration with DNS delegating to the GTM, and the GTM is NOT running BIND.

 

So the client:

 

  1. Looks up the FQDN against DNS servers (host.site.com), and gets a CNAME (host.wip.site.com).
  2. Asks the DNS for the NSs for that CNAME's domain (.wip.site.com).
  3. DNS responds with the IPs of the GTM devices, as they are the NS servers for the subdomain (.wip.site.com).

THIS IS WHERE I GET CONFUSED. I expect an A record query, but...

 

  1. The client then makes another NS query, against the GTM, for the FQDN (host.wip.site.com).
  2. The client then makes another NS query, against the GTM, for the sub-domain (wip.site.com).
  3. Stuck here.

Customer states this is breaking all resolution from their DNS servers to our subdomain. Just can't seem to figure out why the dependency on the NS record exists? DNS security feature of some sort?

 

So my questions are:

  1. Has anyone seen this, what appears to be NS-lookup-dependent resolution, where an NS response must come before an A record response?
  2. Any good ideas on how to fix this, outside of enabling BIND on my external GTM devices?

So you know, the DNS servers are behind LTMs, so the solution can be implemented there too. Maybe an iRule that responds to all NS queries with our records at the LTM DNS VIP?

 

Any input/ideas/comments are appreciated!!!

 

Thanks in advance!!!

 

~David
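
An added example, not part of the original post and not F5 tooling: a small probe that classifies how a delegated name server replies to an A query for host.wip.site.com versus an NS query for wip.site.com, the two query types described in the post. The function names are illustrative, and the sample replies are constructed header-only messages so the comparison runs offline; `ask` is the live UDP probe.

```python
import socket
import struct

QTYPE = {"A": 1, "NS": 2}
RCODE = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}

def build_query(name, qtype, txid=0x1234):
    """One-question query with RD=0, as a resolver sends to a delegated server."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!6H", txid, 0, 1, 0, 0, 0) + qname + struct.pack("!2H", QTYPE[qtype], 1)

def classify(data, txid=0x1234):
    """Summarise a reply from its 12-byte header; None means no reply arrived."""
    if data is None:
        return "TIMEOUT"
    if len(data) < 12:
        return "MALFORMED"
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!6H", data[:12])
    if rid != txid or not flags & 0x8000:      # wrong ID or QR bit not set
        return "MALFORMED"
    rcode = flags & 0x000F
    if rcode:
        return RCODE.get(rcode, "RCODE%d" % rcode)
    return "ANSWER" if an else "NODATA"

def ask(server, name, qtype, timeout=2.0):
    """Live UDP probe of one listener (not used by the offline samples below)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, qtype), (server, 53))
        try:
            return s.recvfrom(4096)[0]
        except socket.timeout:
            return None

def compare(a_reply, ns_reply):
    """Compare the A reply for the host with the NS reply for the zone apex."""
    a, ns = classify(a_reply), classify(ns_reply)
    return {"A": a, "NS": ns, "a_answered_but_ns_not": a == "ANSWER" and ns != "ANSWER"}

def fake_reply(query, flags, ancount):
    """Constructed sample: echo the question under a new header (no RR bodies)."""
    return struct.pack("!6H", 0x1234, flags, 1, ancount, 0, 0) + query[12:]

# Constructed replies: A is answered (QR|AA, 1 answer); NS is REFUSED or answered.
A_OK = fake_reply(build_query("host.wip.site.com", "A"), 0x8400, 1)
NS_REFUSED = fake_reply(build_query("wip.site.com", "NS"), 0x8005, 0)
NS_OK = fake_reply(build_query("wip.site.com", "NS"), 0x8400, 2)
```

Against a real listener, `compare(ask(ip, "host.wip.site.com", "A"), ask(ip, "wip.site.com", "NS"))` shows whether the A query is answered while the NS query for the zone apex is dropped, refused or returned empty.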

 

13 Replies