Forum Discussion

NickRoyIPL_1779's avatar
NickRoyIPL_1779
Icon for Nimbostratus rankNimbostratus
Nov 20, 2014

DNS forwarding for same domain name

Hi

 

We've setup 6 Wide IP names in the format "resource.domain.com". The domain is called "domain.com", so how can we setup our internal DNS server to forward request for just the wide IP names to the GTMs?

 

An A-Record simply resolves to the GTM IP, it doesn't process the DNS request.

 

We can't have all DNS requests to go through the GTM either. Basically we'd like it so that and DNS record not found on the internal DNS server cache should go then on to the GTMs to be resolved.

 

Thanks

 

Nick

 

BIG-IP Access Policy Manager (APM)
BIG-IP DNS
cloud
deployment
devops
iApps
security
vmware

4 Replies

  • mikeshimkus_111's avatar
    mikeshimkus_111
    Historic F5 Account
    Nov 20, 2014

    Can you set the GTM listener IP as a conditional forwarder for resource.domain.com on your internal DNS servers?

     

  • NickRoyIPL_1779's avatar
    NickRoyIPL_1779
    Icon for Nimbostratus rankNimbostratus
    Nov 20, 2014

    I could, but I'm concerned that it would then get things stuck in a loop?

     

    I'd have to add 'domain.com' as the name of the conditional forwarder which Microsoft say you can't/shouldn't do

     

    "You cannot use a domain name in a conditional forwarder if the DNS server hosts a primary zone, secondary zone, or stub zone for that domain name. For example, if a DNS server is authoritative for the domain name corp.contoso.com (that is, it hosts the primary zone for that domain name), you cannot configure that DNS server with a conditional forwarder for corp.contoso.com."

     

    as per http://technet.microsoft.com/en-us/library/cc754941.aspx

     

    Thanks

     

    Nick

     

    • mikeshimkus_111's avatar
      mikeshimkus_111
      Historic F5 Account
      Nov 20, 2014
      Right, I was thinking you could add just the name you want to forward, but it requires a domain name and that causes an error. Is setting your GTM as a regular forwarder an option? You could set up a forwarding cache on the GTM to resolve any queries that don't match the Wide IP name. This setup is the reverse of what we recommend, which is to have all queries hit GTM first.
  • NickRoyIPL_1779's avatar
    NickRoyIPL_1779
    Icon for Nimbostratus rankNimbostratus
    Nov 20, 2014

    We didn't setup the GTMs and don't have the expertise to do so, we got in 3rd party specialists to help with this.

     

    In testing, I had to edit a hosts file to get to the GTM on one server. The guy who was setting this up asked me to do this.

     

    The only work around we can think of is to create another Wide IP name, eg resources.domain.F5, and resolve that way using forwarders. Even though we've got forwarders in, we gather that as our internal DNS server can't resolve the host for the domain its hosting the primary zone for, it simply just fails.

     

    Nick