DNS Express and glue Records

Question

Hi,&nbsp;
 &nbsp;
When I query to my BIND Server with a NS Record, the result is the following:&nbsp;
 &nbsp;
 &nbsp;
dig @192.168.0.78 NS prueba.com&nbsp;
 &nbsp;
; &lt;&lt;&gt;&gt; DiG 9.8.3-P2 &lt;&lt;&gt;&gt; @192.168.0.78 NS prueba.com&nbsp;
; (1 server found)&nbsp;
;; global options: +cmd&nbsp;
;; Got answer:&nbsp;
;; -&gt;&gt;HEADER&lt;&lt;- opcode: QUERY, status: NOERROR, id: 11538&nbsp;
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2&nbsp;
;; WARNING: recursion requested but not available&nbsp;
 &nbsp;
;; QUESTION SECTION:&nbsp;
;prueba.com.                   IN      NS&nbsp;
 &nbsp;
;; ANSWER SECTION:&nbsp;
prueba.com.            900     IN      NS      ns1.prueba.com.&nbsp;
prueba.com.            900     IN      NS      ns2.prueba.com.&nbsp;
 &nbsp;
;; ADDITIONAL SECTION:&nbsp;
ns1.prueba.com.        900     IN      A       80.0.0.1&nbsp;
ns2.prueba.com.        900     IN      A       80.0.0.2&nbsp;
 &nbsp;
;; Query time: 0 msec&nbsp;
;; SERVER: 192.168.0.7853(192.168.0.78)&nbsp;
;; WHEN: Mon Feb 18 19:00:08 2013&nbsp;
;; MSG SIZE  rcvd: 108&nbsp;
 &nbsp;
 &nbsp;
 &nbsp;
If I configure  DNS-Express in my F5. When I run the same request, the result is as follows:&nbsp;
 &nbsp;

dig @192.168.0.78 NS prueba.com&nbsp;
 &nbsp;
; &lt;&lt;&gt;&gt; DiG 9.8.3-P2 &lt;&lt;&gt;&gt; @192.168.0.78 NS prueba.com&nbsp;
; (1 server found)&nbsp;
;; global options: +cmd&nbsp;
;; Got answer:&nbsp;
;; -&gt;&gt;HEADER&lt;&lt;- opcode: QUERY, status: NOERROR, id: 11538&nbsp;
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2&nbsp;
;; WARNING: recursion requested but not available&nbsp;
 &nbsp;
;; QUESTION SECTION:&nbsp;
;prueba.com.                   IN      NS&nbsp;
 &nbsp;
;; ANSWER SECTION:&nbsp;
prueba.com.            900     IN      NS      ns1.test.com.&nbsp;
prueba.com.            900     IN      NS      ns2.test.com.&nbsp;
 &nbsp;
;; Query time: 0 msec&nbsp;
;; SERVER: 192.168.0.7853(192.168.0.78)&nbsp;
;; WHEN: Mon Feb 18 19:00:08 2013&nbsp;
;; MSG SIZE  rcvd: 108&nbsp;
 &nbsp;
 &nbsp;
In the request via F5 DNS-Express the glue record is missing.&nbsp;
 &nbsp;
Does anyone know why is this?&nbsp;
 &nbsp;
Thanks in advanced.&nbsp;
&nbsp;
 &nbsp;

romani_2788 · Answer

The difference between the bind environment and the DNS X implementation is that bind is authoritative for the "prueba.com" zone and therefore for the name servers " ns[12].prueba.com.". 
&nbsp; In the DNS X implementation however, you have configured the zone "prueba.com." but have pointed the name servers to the "test.com." zone which prueba.com is not authoritative for. 
&nbsp; Since DNS X is designed for speed and DNS security, it will only respond with the name server record (NS) for the zone prueba.com, and will not do a recursive look up for the corresponding A (glue) records even if it is authoritative for the test.com zone. This will work if you query bind. 
&nbsp; From the GTM request flow this will be the way DNS X will respond by  design. 
&nbsp;  
&nbsp; thanks.

Forum Discussion

DNS Express and glue Records

1 Reply

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

iRule based 'Natural Speech' Expression Language

DNS Express and Zone Transfers

Advanced iRules: Regular Expressions

expression in an APM policy

Enabling DNSSEC for 1 record only