Forum Discussion
NimbostratusDNS Express as Slave
Hello guys, I'm setting up DNS Express to serve as a secondary NS for my zone. A hidden master is configured using NSD server. The initial AXFR query is successful when creating the zone on the BigIP. But when a notify is sent from the master to the BigIP, I'm getting an error (captured on tcpdump) saying : DNS123Zone change notification response 0xe24e Not authoritative SOA zone.com TSIG. NB: the IP address of the master is added on "Allow NOTIFY From" list Any hints
Greetings,
I set up UDP virtual server (notify listener) per this article and it seems to be working:K45411181: Configuring DNS Express using tmsh
https://support.f5.com/csp/article/K45411181When I change serial and initiate transfer from NS, DNS Express is updated. Without virtual, DNS Express says not authoritative.
Hope this is helpful!
Kevin
3 Replies
AneshCirrostratus
- Can you provide the zone definition from the named.conf of master?
- Also,can you provide the zone definition from the named.conf of GTM/DNS?
Greetings,
I set up UDP virtual server (notify listener) per this article and it seems to be working:K45411181: Configuring DNS Express using tmsh
https://support.f5.com/csp/article/K45411181When I change serial and initiate transfer from NS, DNS Express is updated. Without virtual, DNS Express says not authoritative.
Hope this is helpful!
Kevin
EA_HichamHello Kevin, So, I erased all the DNS configuration and restarted from scratch following the K45411181 and adding the notification virtual server. Although, according to the article, it is not necessary to do so, since i'm not running an HA Cluster, it did solve the "Not authoritative SOA" problem. Unfortunately, it did not solve all my problems. NSD DNS Server does not implement IXFR responses. So unless forcing DNS Express to execute and AXFR each time, I don't think F5 DNS Express and NSD can work toghether (which is a bit strange). Cheers. Hicham
