Forum Discussion
NimbostratusBig IP DNS Failover
Hello people I am new to Big IP DNS world.
We have two Big IP DNS currently synchronizing across 2 DC.
Big IP DNS is used in a DNS delegation architecture making use of sub domains. All of our request goes to our internal Domain Controller/DNS and then it has our NS as well as CNAME record pointing towards Big IP DNS.
I was trying to test whether or not the Big IP DNS failover would work if one of the Big IP DNS completely goes offline before we plan for our upgrade. Previous employee who did all the work has left and no one has any idea if it would work.
The tcpdump capture shows that both of the DNS is receiving DNS traffic and also the stats from the F5 itself shows the increment.
What would be the best way to test that the redundancy? Forcing the primary DNS as offline?
2 Replies
- Injeyan_Kostas
Cirrostratus
Your BIG-IP DNS devices are synchronized but not clustered, unlike an Active-Standby setup in LTM. Instead, they operate in an Active-Active scenario, which is why you observe traffic on both devices.
This is an example:
- A client makes a DNS query, which reaches your internal DNS.
- The internal DNS responds with a CNAME pointing to a subdomain hosted on BIG-IP.
- The client then queries the authoritative DNS for this subdomain and receives two NS records—one for each BIG-IP DNS.
- The client selects one of these NS records randomly.
- If the chosen NS does not respond, the client automatically retries with the second NS.
So, since both BIG-IP DNS devices function independently and actively, you can safely take one offline without impacting DNS resolution. The remaining device will continue handling queries seamlessly.
- zamroni777
MVP
adding to Injeyan_Kostas ,
it is inherent limitation in Internet DNS that client cant verify DNS server availability before sending the DNS request and no quick fail method except timeout.
DNS is designed in 1980s to work on computer with few MHz of CPU spec.
