Forum Discussion
Shaun_81936
Nimbostratus
NimbostratusExternal GTMs - load balance Internal DNS name
We currently use two GTMs (sync set located in DMZ) to load balance external DNS names and would like to utilize them to load balance a critical internal DNS name.
I'm not sure what the correct procedure would be to accomplish this - I was thinking that I need to setup an interal view and add this to the options:
match-clients {
10.0.0.0/8;
"zrd-acl-000-002";
};
Then add a zone to the internal view for this domain name and create an entry for this critical DNS name.
Modify the named - add these entries:
options {
listen-on port 53 {
127.0.0.1;
"zrd-acl-000-000";
"zrd-acl-000-002";
};
acl "zrd-acl-000-002" {
127.10.0.2;
};
On my internal windows DNS servers for this Domain zone - add my GTMs as name servers.
Is this the best method to accomplish this? Is anyone else doing this - what method are you using?
Thank you,
Shaun
semperfiguy_759Shaun,
I have used the BIND Views feature on GTM to do this and it works well. I also looked at doing this with Topology Regions in GTM, but Views seemed to make more sense.
One thing to look out for:
When you create the “internal” Wide IP, make sure you have an “internal” view A record in Zone runner and “external” has an “external”. By default it creates on A record, but GTM does not know which one.
-Bob
Shaun_81936Bob,
Thanks for the reply - I have a question regarding the configuration of your internal windows DNS server configuration for this same domain.
I have my GTM configured for this Wide IP - example.abc.com and I have a abc.com zone setup on it.
abc.com is may internal domain name and I cannot get my Windows DNS server to look to the GTM for the Wide IP dns name example.abc.com when it does not find the record in its abc.com zone - how did you configure your Windows DNS server to accomplish this?
Thanks again,
Shaun- semperfiguy_759Hey Shaun,
Sorry for the LATE reply. You can create A records in the Windows forward lookup zone for the DNS listener on each GTM. After that create NS records for the subdomain or host you wish to delegate to GTM.
A gtm1.abc.com1.1.1.1
A gtm2.abc.com2.2.2.2
NS example.abc.comgtm1.abc.com gtm2.abc.com 
rajesh1HI Rob,
I am looking for bind view configuration on the GTM
Can you share the sample bind view configuration on the GTM's ?
Regds,
Raj- If you are running v11.0 you can always attach an LTM iRule to the GTM listeners with something like this if you have a per-determined TLD like .local for your internal dns structure.
when DNS_RESPONSE { if { ([DNS::question name] ends_with ".local") and !([IP::addr [IP::remote_addr] equals 10.0.0.0/8] or [IP::addr [IP::remote_addr] equals 172.16.0.0/12] or [IP::addr [IP::remote_addr] equals 192.168.0.0/16]) } { DNS::drop } }
