F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Ignacio_Sanche3's avatar
Ignacio_Sanche3
Icon for Nimbostratus rankNimbostratus
Feb 26, 2013

DNS Express and glue Records

Hi,

 

 

When I query to my BIND Server with a NS Record, the result is the following:

 

 

 

dig @192.168.0.78 NS prueba.com

 

 

; <<>> DiG 9.8.3-P2 <<>> @192.168.0.78 NS prueba.com

 

; (1 server found)

 

;; global options: +cmd

 

;; Got answer:

 

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11538

 

;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2

 

;; WARNING: recursion requested but not available

 

 

;; QUESTION SECTION:

 

;prueba.com. IN NS

 

 

;; ANSWER SECTION:

 

prueba.com. 900 IN NS ns1.prueba.com.

 

prueba.com. 900 IN NS ns2.prueba.com.

 

 

;; ADDITIONAL SECTION:

 

ns1.prueba.com. 900 IN A 80.0.0.1

 

ns2.prueba.com. 900 IN A 80.0.0.2

 

 

;; Query time: 0 msec

 

;; SERVER: 192.168.0.7853(192.168.0.78)

 

;; WHEN: Mon Feb 18 19:00:08 2013

 

;; MSG SIZE rcvd: 108

 

 

 

 

If I configure DNS-Express in my F5. When I run the same request, the result is as follows:

 

 

dig @192.168.0.78 NS prueba.com

 

 

; <<>> DiG 9.8.3-P2 <<>> @192.168.0.78 NS prueba.com

 

; (1 server found)

 

;; global options: +cmd

 

;; Got answer:

 

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11538

 

;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2

 

;; WARNING: recursion requested but not available

 

 

;; QUESTION SECTION:

 

;prueba.com. IN NS

 

 

;; ANSWER SECTION:

 

prueba.com. 900 IN NS ns1.test.com.

 

prueba.com. 900 IN NS ns2.test.com.

 

 

;; Query time: 0 msec

 

;; SERVER: 192.168.0.7853(192.168.0.78)

 

;; WHEN: Mon Feb 18 19:00:08 2013

 

;; MSG SIZE rcvd: 108

 

 

 

In the request via F5 DNS-Express the glue record is missing.

 

 

Does anyone know why is this?

 

 

Thanks in advanced.

 

 

 

config
design

1 Reply

  • Romani_2788's avatar
    Romani_2788
    Historic F5 Account
    May 12, 2013
    The difference between the bind environment and the DNS X implementation is that bind is authoritative for the "prueba.com" zone and therefore for the name servers " ns[12].prueba.com.".

     

    In the DNS X implementation however, you have configured the zone "prueba.com." but have pointed the name servers to the "test.com." zone which prueba.com is not authoritative for.

     

    Since DNS X is designed for speed and DNS security, it will only respond with the name server record (NS) for the zone prueba.com, and will not do a recursive look up for the corresponding A (glue) records even if it is authoritative for the test.com zone. This will work if you query bind.

     

    From the GTM request flow this will be the way DNS X will respond by design.

     

     

    thanks.