Forum Discussion
- Anjuli_Lam (Employee)
AskF5 recently published an article related to this topic:
- patonbike (Cirrus)
I have turned on settings -> gslb -> general "Configuration Synchronization" and "Synchronize DNS Zone Files" and I am not seeing the bind zones replicate after initial import (which does synchronize). There are no errors. Any ideas on what to check?
- merlin87 (Altocumulus)
I would check that you have the same Sync Group Name specified on each GTM and also you would need to run the gtm_add command from bash once from each GTM you are pulling into the GTM Mesh, to get them to swap certs and build the iQuery connections.
Sync Group: DNS > Settings > GSLB > Group Name
https://support.f5.com/csp/article/K13312
Checking the sync connection with iQuery from the bash prompt and checking in /var/gtm should give you an idea as to what the issue may be.
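The sync-setting comparison suggested in the reply above can be scripted by parsing the output of `tmsh list gtm global-settings general` from each unit. This is an added example, not part of the original post; the two sample outputs are constructed and the stanza layout they use is an assumption.

```python
import re

# Constructed sample output of `tmsh list gtm global-settings general`
# from two units (values are made up for illustration).
UNIT_A = '''
gtm global-settings general {
    synchronization yes
    synchronization-group-name "dns_sync_prod"
    synchronize-zone-files yes
}
'''
UNIT_B = '''
gtm global-settings general {
    synchronization yes
    synchronization-group-name "default"
    synchronize-zone-files no
}
'''

def parse_settings(text):
    """Return the indented key/value pairs of the stanza as a dict."""
    settings = {}
    for line in text.splitlines():
        m = re.match(r'^\s+([\w-]+)\s+"?([^"]*?)"?\s*$', line)
        if m:
            settings[m.group(1)] = m.group(2)
    return settings

def sync_findings(a, b):
    """List setting mismatches that would keep units A and B from syncing."""
    findings = []
    for name, cfg in (("A", a), ("B", b)):
        if cfg.get("synchronization") != "yes":
            findings.append(f"unit {name}: configuration synchronization is off")
        if cfg.get("synchronize-zone-files") != "yes":
            findings.append(f"unit {name}: zone file synchronization is off")
    ga = a.get("synchronization-group-name")
    gb = b.get("synchronization-group-name")
    if ga != gb:
        findings.append(f"sync group name differs: {ga!r} vs {gb!r}")
    return findings

if __name__ == "__main__":
    for finding in sync_findings(parse_settings(UNIT_A), parse_settings(UNIT_B)):
        print(finding)
```

An empty result only means the settings agree; certificate exchange and the iQuery connection still have to be checked separately.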
- patonbike (Cirrus)
OK I was missing the device cert for 1 of the units under gslb -> servers -> server certs. For some reason on 1 unit, it automatically added Self + Peer. On the other unit it only added Self.
That fixed iQuery; then I had also not configured a data center and servers under gslb -> servers -> server list. Everything seems to be working now.
- Andy_McGrath (Cumulonimbus)
Tried to find something but nothing substantial, best way to look at it is:
- Anything that is written to the configuration file `bigip_gtm.conf` will be synced between devices in the same F5 DNS sync group.
- Anything written to the internal BIND DNS server zone files will be synced if you have enabled syncing of zone files.
Configuration around listeners and DNS pools etc. is actually LTM configuration, hence why it doesn't sync.
- Paul_Hoyland (Nimbostratus)
Settings >> GSLB >> General does give me some information but doesn't tell me whether WIPs are synchronized and Listeners are not (for example). Is there any documentation that does give me that detail?
- Andy_McGrath (Cumulonimbus)
You have two different Sync configurations on F5 DNS:
- F5 DNS sync group, where DNS and BIND configuration can be synced between all F5 DNS members of the group; look under DNS >> Settings >> GSLB >> General (Configuration Synchronization), where you can set the group name and what to Synchronize
- https://support.f5.com/csp/article/K13734
- https://support.f5.com/csp/article/K13690
- F5 Device Group and HA are used more for LTM and other modules that need to fail over; this will sync up LTM-based configuration and will work in an Active/Standby for each Traffic Group configured. Recommend you do not do this for F5 DNS/GTM, as it is better to have all devices Active, and failover is not required as DNS is already a fault-tolerant protocol.