Forum Discussion
Big-IP DNS - Zone Transfers
- Jan 08, 2020
--------------------
**The below steps are not supported by F5 Support, because local files are being modified. :) If for any reason the below steps do not work, the UCS backups can be used to recover the vCMP Guests and old GTM.
*The below I am typing from memory. :-)
--------------------
**Assumed
--vCMP Guests are configured with all WIPs and DataCenter configurations.
--iquery is allowed and is working between vCMP guests.
-DataCenter shows both BIG-IP DNS servers online.
---iquery can be tested via the command iqdump
>iqdump x.x.x.x (x.x.x.x = IP of the alternative vCMP guest BIGIP-DNS servers)
*If iqdump returns an error, then you have certificate / trust issues.
-Understand the log files, to view errors that may populate, based on the below steps.
--------------------
-Create a default UCS backup on the two new vCMP guests and save it to your workstation, to have a local copy.
-Create a UCS backup on the old GTM via the GUI and save it to your workstation, to have a local copy.
--------------------
-Backup the zone files on the old GTM
>cd /var/tmp
>tar -cvf zonebackup.tar.gz /var/named/config/
--------------------
-Transfer the zonebackup file to the "Master" vCMP BigIP-DNS(GTM) ( /var/tmp directory) via SCP
--You can use WinSCP or scp via putty on the old GTM
*Old GTM -- from the /var/tmp directory
>scp zonebackup.tar.gz root@x.x.x.x:/var/tmp (x.x.x.x is the IP of the Master BIGIP-DNS; replace 'root' with whichever user that you normally use to administrate)
--------------------
-On BOTH vCMP Guests, stop the bind and ZoneRunner service(s)
>bigstart stop named
>bigstart stop zrd
-From the vCMP Master, extract the zonebackup.tar.gz file into the bind service directory
>cd /var/tmp
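>tar -xvf zonebackup.tar.gz -C /
*-C / extracts relative to the root, so the files land in /var/named/config/ (tar strips the leading "/" from member names when the archive is created)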
*replace all files if questioned with yes "Y"
-Verify if the zone files transferred
>cd /var/named/config/namedb
>ls *
*Are the zone files listed? If so, proceed.
-Restart the Named and ZoneRunner services
>bigstart start named
>bigstart start zrd
--Verify in the GUI if you can see the Zones via ZoneRunner.
--------------------
At this point, the Secondary vCMP BIGIP-DNS guest's ZoneRunner and Bind service are stopped.
-The sync has to be fixed and to do so, we will "start from scratch" by deleting the bind files and re-syncing to the Master.
*Log into the Secondary BIGIP-DNS vCMP guest
>rm -rf /var/named/config/
*Removes the original files.
>mkdir /var/named/config
*Re-creates the 'config' directory
--------------------
-The next step will recopy the Bind config and zone file to the Secondary vCMP BIGIP-DNS Guest.
>gtm_add <existing_GTM_IP_address>
--Answer the prompts. The gtm_add script will copy the remote BIG-IP GTM configuration to the local BIG-IP GTM system.
Link: https://support.f5.com/csp/article/K8195
-Restart the Bind and ZoneRunner service (secondary vCMP Guest BIGIP-DNS)
--At this point, you should see both BIGIP-DNS servers online via the GUI
-Test create a DNS record to verify if the sync is working correctly via ZoneRunner.
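A pre-extraction check for the untar step above, as an added example that is not part of the original post: because the archive is extracted as root relative to `/`, it lists the members first and refuses anything outside `var/named/config/`. The function names and `ZONE_PREFIX` are assumptions made for this example.

```shell
# Added example: vet the zone archive's member list before extracting it as root.
ZONE_PREFIX="var/named/config/"   # tar strips the leading "/" when creating the archive

# Read member names on stdin; succeed only if every name is under prefix $1
# and none has a ".." path component. Absolute names are rejected as well.
check_members() {
    cm_prefix=$1
    cm_rc=0
    while IFS= read -r cm_name; do
        [ -n "$cm_name" ] || continue
        cm_name=${cm_name#./}
        case "/$cm_name/" in
            */../*) echo "REJECT (dot-dot): $cm_name" >&2; cm_rc=1; continue ;;
        esac
        case "$cm_name" in
            "$cm_prefix"*) ;;
            *) echo "REJECT (outside $cm_prefix): $cm_name" >&2; cm_rc=1 ;;
        esac
    done
    return "$cm_rc"
}

# check_zone_archive ARCHIVE [PREFIX]: 0 = clean, 1 = unexpected member, 2 = unreadable.
check_zone_archive() {
    cz_list=$(tar -tf "$1" 2>/dev/null) || return 2
    printf '%s\n' "$cz_list" | check_members "${2:-$ZONE_PREFIX}"
}

# extract_zone_archive ARCHIVE DESTROOT: extract only after the check passes.
# DESTROOT is "/" on the BIG-IP; use a scratch directory for a dry run.
extract_zone_archive() {
    check_zone_archive "$1" || return $?
    tar -xf "$1" -C "$2"
}
```

Run `check_zone_archive /var/tmp/zonebackup.tar.gz` on the Master after the scp and before stopping named and zrd; a non-zero exit means the archive should not be extracted.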
--------------------
Thanks for the reply. Your instructions worked perfectly, for me, in my lab. Thanks again for your help!