Forum Discussion

Rahul_Yadav's avatar
Jan 31, 2020

F5 GSLB - delegation

Hi,   This query more focused toward normal DNS functionality, scenario given below, want to understand how normal DNS and F5 DNS/GSLB work together:   Let's we have delegated one domain on 2 F5...
  • Simon_Blakely's avatar
    Simon_Blakely
    Feb 03, 2020

    > My concern is that, does primary DNS every time goes to both GSLB/DNS irrespective to their availability?

     

    That is a decision made by the DNS resolver, whatever that is, as it seeks to resolve the name.

    If your primary DNS server allows recursive queries, then it might make that decision itself, but that is generally not the case.,

     

    Your primary DNS (pDNS) serves mydomain.com.

    Your BigIP DNS servers serve gslb.mydomain.com.

     

    A DNS resolver (tDNSr)) asks pDNS for app1.mydomain.com.

    pDNS replies with a CNAME app1.gslb.mydomain.com.

    tDNSr sends a query to pDNS for NS records for gslb.mydomain.com.

    pDNS replies with with 2 NS records

    NS ns1.gslb.mydomain.com

    NS ns2.gslb.mydomain.com

    pDNS also appends the DNS glue records giving the A records for

    ns1.gslb.mydomain.com A 1.1.1.1

    ns2.gslb.mydomain.com A 2.2.2.2

     

    tDNSr then makes queries to ns1.gslb.mydomain.com, ns2.gslb.mydomain.com using the provided A records.

    How tDNSr makes those queries is up to the DNS resolver - it may always try the first nameserver returned, it may try both and see which one responds first, or it may randomly choose one, and if the query times out, choose the other. This cannot be controlled by the DNS configuration - it is DNS resolver implementation dependent.

     

    If your pDNS allows recursive requests, then some of the above steps are internal to pDNS and it is a bit faster. But whether it makes sub-domain resolution requests in parallel or in series (using a round robin approach) depends on the primary DNS server configuration, and not the BigIPs or the DNS configuration.