Forum Discussion

SimoParis_85044
Mar 24, 2008

Bind vs GTM DNS

Hi,

I would like to understand a bit more the DNS server feature as implemented on GTM:

- wideip is a way to code an FQDN with pools, virtual servers, load balancing methods etc. => Which daemon service is going to serve the DNS requests coming in on port udp/53: is it Bind or another service?

- If it is Bind it will look in zone files, so are the wideips mapped onto bind zone files? If yes, how is the update done if a monitor checked a resource as DOWN?

- If it is not bind then the DNS daemon (bigd?) service will look at wideips or zone files or both?

- Zonerunner is used to configure zone files for bind or for the second daemon (bigd)?

I would just like to understand the relation between the GTM DNS feature and Bind and how the synchronization is done between wideips and zone files.

BR

10 Replies

  • Chris_Seymour_1
    Historic F5 Account
    Here is a short answer on the resolution process on GTM.

    All DNS requests will come into the GTM device on port 53. There is an object created on the GTM called a "Listener" that is a self-IP address that will process DNS requests. When the DNS request comes into the Listener, GTMD first tries to match it against a Wide-IP; if there is not a Wide-IP that matches the FQDN, then the DNS request will get dropped to BIND. If there is no match in a zone file, then no resolution will occur.

    ZoneRunner is used to manage the zone files, and the daemon for that is zrd.

    Hope this helps.

    Chris
  • Hello,

    Thanks for your feedback.

    But is the information stored in Bind zone files and the GTM Listener synchronous?

    I mean if a check or monitor detects that an IP is not valid, will the Bind zone file be updated also or only the GTM database?

    BR
  • Chris_Seymour_1
    Historic F5 Account
    If a Virtual Server IP is not valid because of failing a health monitor, gtmd will not resolve to that address nor will it update a BIND/ZRD zone file.
  • Which means it is impossible to set a machine as secondary DNS server for GTM with a DNS zone transfer of only valid IP addresses.

    Because only Bind supports the zone transfer, not Listeners.
  • Chris_Seymour_1
    Historic F5 Account
    You are correct that the secondary name server that you set up will only receive the BIND zone file. You would not want the zone that you have wide-ips created for to be on a secondary non-GTM name server, because if someone queries that server they will not get the global load balancing benefit for the records you want globally load balanced.

    What you may want to consider is to delegate a subdomain, i.e. gtm.domain.com, to the listener address and have your wide-ips be in that domain.

    i.e.:

    configure a wideip www.gtm.domain.com

    In the zone file domain.com:

    gtm.domain.com. IN NS gtmlistener.domain.com.
    gtmlistener.domain.com. IN A 1.2.3.4

    www.domain.com. IN CNAME www.gtm.domain.com.

    By doing this you can have your domain.com. zone file always delegate the www.domain.com queries to the wideip on the GTM even if the user query hits a secondary name server.

    This is a common practice when organizations want to keep their domains on a separate name server from GTM but still get the benefit of global load balancing for that zone.

    Let me know if you have more questions.

    Chris
  • Hi

    Thanks for your feedback.

    What I am looking for is to set up:

    - 10 linux machines that need to talk to 100 routers (grouped as routers.domain.com)
    - routers are monitored via a SIP healthcheck via GTM
    - define the linux machines as secondary DNS to save bandwidth and avoid network outages => this implies requesting a zone transfer from the GTM box

    Is it possible with your hint? I mean:

    - configure a wideip grouping the routers with associated monitors
    - define a bind zone file called routers.domain.com delegated to the listener

    Thanks for your help

    BR
  • Chris_Seymour_1
    Historic F5 Account
    Ok. If I understand correctly, this is what I think you need:

    1. Delegate a subdomain in your zone called rtr.domain.com and delegate it to the listener address of your GTM.

    rtr.domain.com. IN NS gtm.domain.com.
    gtm.domain.com. IN A  1.2.3.4

    2. Create a CNAME record that aliases routers.domain.com to routers.rtr.domain.com.

    routers.domain.com. IN CNAME routers.rtr.domain.com.

    3. Create a GTM Pool that has your 100 routers in it.

    4. Create a Wide-IP called routers.rtr.domain.com that contains the GTM Pool with the 100 routers.

    5. Set your Linux machines up as secondary name servers of domain.com.

    Now with that said, here is what you have when this is complete:

    - Linux machine has a copy of domain.com.
    - Linux machine will look to itself for routers.domain.com and be sent to the alias of routers.rtr.domain.com.
    - Linux machine will send the request for routers.rtr.domain.com to the GTM listener address.
    - GTM will process the request for routers.rtr.domain.com according to how you have configured your Wide-IP.

    Let me know if this helps you out or if you need more assistance.

    Chris
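Editor's added example (not F5 code and not any poster's code): a small Python model of the resolution path described in Chris's first reply (listener tries a Wide-IP first, then drops to BIND, then answers nothing) combined with the delegation procedure in the reply above. It shows the three points the thread turns on: a member a monitor marks DOWN is skipped by the listener but never written to a zone file, a zone transfer hands a secondary only BIND's zone, and the CNAME-plus-delegation trick still lands the query on the listener when it starts at the secondary. The zone contents, listener and router addresses, the one-line zone listing format and the round-robin pick are all constructed assumptions for illustration.

```python
# Added example, not F5 code nor any poster's code: a toy model of the GTM
# resolution path this thread describes. Names, addresses and the one-line
# zone listing format are constructed for illustration.
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

Record = Tuple[str, str, str]  # (owner, type, rdata)


def fqdn(name: str) -> str:
    return name.lower().rstrip(".") + "."  # lower-case, absolute form


def parse_zone(text: str) -> List[Record]:
    """Parse 'owner IN TYPE rdata' lines; ';' starts a comment."""
    records = []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()
        if line:
            owner, _cls, rtype, rdata = line.split(None, 3)
            records.append((fqdn(owner), rtype.upper(), rdata))
    return records


@dataclass
class WideIP:
    name: str
    pool: Dict[str, bool]  # member IP -> monitor state; gtmd-only, never in a zone file
    cursor: int = 0  # round-robin position

    def pick(self) -> Optional[str]:
        """Next healthy member, or None once a monitor has marked them all DOWN."""
        healthy = [ip for ip, up in self.pool.items() if up]
        if not healthy:
            return None
        self.cursor += 1
        return healthy[(self.cursor - 1) % len(healthy)]


class GTM:
    """Listener: match a wide-ip first, otherwise drop the query to BIND's zone."""
    def __init__(self, wideips: List[WideIP], bind_zone: List[Record]):
        self.wideips = {fqdn(w.name): w for w in wideips}
        self.bind_zone = bind_zone

    def resolve(self, qname: str) -> List[Record]:
        qname = fqdn(qname)
        wip = self.wideips.get(qname)
        if wip is not None:
            ip = wip.pick()
            return [(qname, "A", ip)] if ip else []  # every member DOWN: no answer
        return [r for r in self.bind_zone if r[0] == qname]  # BIND, else nothing

    def axfr(self) -> List[Record]:
        """A zone transfer carries BIND's zone only: no wide-ip data, no monitor state."""
        return list(self.bind_zone)


class SecondaryNS:
    """Linux secondary with an AXFR copy; `listeners` (IP -> box) stands in for the network."""
    def __init__(self, zone: List[Record], listeners: Dict[str, GTM]):
        self.zone = zone
        self.listeners = listeners

    def resolve(self, qname: str, depth: int = 0) -> List[Record]:
        qname = fqdn(qname)
        if depth > 8:  # CNAME loop guard
            return []
        local = [r for r in self.zone if r[0] == qname]
        cname = [r for r in local if r[1] == "CNAME"]
        if cname:  # follow the alias, e.g. routers.domain.com -> routers.rtr.domain.com
            return cname + self.resolve(cname[0][2], depth + 1)
        if local:
            return local
        labels = qname.split(".")  # not in our copy: look for an NS delegation above it
        for i in range(1, len(labels) - 1):
            parent = ".".join(labels[i:])
            ns = [r for r in self.zone if r[0] == parent and r[1] == "NS"]
            if ns:
                glue = [r for r in self.zone if r[0] == fqdn(ns[0][2]) and r[1] == "A"]
                target = self.listeners.get(glue[0][2]) if glue else None
                return target.resolve(qname) if target else []
        return []


ZONE_TEXT = """; constructed domain.com zone, as the secondaries receive it via AXFR
rtr.domain.com.      IN NS    gtm.domain.com.
gtm.domain.com.      IN A     1.2.3.4
routers.domain.com.  IN CNAME routers.rtr.domain.com.
"""


def build() -> Tuple[GTM, SecondaryNS]:
    routers = WideIP("routers.rtr.domain.com",
                     {f"198.51.100.{i}": True for i in (1, 2, 3)})
    gtm = GTM([routers], parse_zone(ZONE_TEXT))
    return gtm, SecondaryNS(gtm.axfr(), {"1.2.3.4": gtm})
```

Calling `build()` and then `secondary.resolve("routers.domain.com")` returns the CNAME from the secondary's own copy followed by one router A record that only the GTM listener could produce; flipping a pool entry to `False` (the stand-in for a failed health monitor) makes the listener skip that router while `gtm.axfr()` keeps returning exactly the three BIND records and nothing about the routers, which is the gap the thread's last user reply points out: a secondary gets the zone, not the monitored answers.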
  • Hello,

    But what we are looking for is to provide the secondary DNS (Linux boxes) with a valid zone "routers".

    I think with the configuration you have proposed: Linux will trigger its DNS => routed to GTM bind => delegation of the zone to the GTM listener => Wideip => result.

    The result will not be a zone but only one or multiple IPs (A records).

    So no zone transfer is happening.

    BR
  • Hi,

    Do we need to set up GTM as DNS server for the sub-domain in this case, or is no DNS config required in GTM?

    Regards

    RK