Forum Discussion
adrian_171483
Cirrus
CirrusFQDN Node "flush"
Hi all,
we are deploying new Virtual Servers in 11.6.0 using the FQDN node feature.. we have observed that when the DNS record for the FQDN is changed that the old record remains as an ephemeral node and is kind of "stuck" in the virtual server.
This is a problem for us as the that previous web server system might still be live, and I am wondering if this can be flushed when a new record is learned after the timeout period. ?
We often switch URL's to the DR platform, and then switch back using DNS.. we don't want the DR system to be present after the switchback.
thanks
Adrian
10 Replies
nitass_89166Noctilucent
I am wondering if this can be flushed when a new record is learned after the timeout period. ?
can you try to restart bigd? i may be wrong but i think bigip will resolve fqdn node when bigd is restarted.
restart bigd [root@ve11c:Active:In Sync] config tmsh list ltm node google ltm node google { fqdn { autopopulate enabled name www.google.com } state fqdn-up } [root@ve11c:Active:In Sync] config date; tmsh restart sys service bigd Tue May 12 19:25:42 SGT 2015 [root@ve11c:Active:In Sync] config tcpdump [root@ve11c:Active:In Sync] config tcpdump -nni 0.0 -s0 port 53 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on 0.0, link-type EN10MB (Ethernet), capture size 65535 bytes 19:26:01.144898 IP 172.28.24.13.33478 > 8.8.8.8.53: 26437+ A? www.google.com. (32) out slot1/tmm1 lis= 19:26:01.150778 IP 8.8.8.8.53 > 172.28.24.13.33478: 26437 6/0/0 A 74.125.130.105, A 74.125.130.103, A 74.125.130.147, A 74.125.130.99, A 74.125.130.106, A 74.125.130.104 (128) in slot1/tmm1 lis= 19:26:06.149613 IP 172.28.24.13.48936 > 8.8.8.8.53: 26437+ A? www.google.com. (32) out slot1/tmm1 lis= 19:26:06.157343 IP 8.8.8.8.53 > 172.28.24.13.48936: 26437 5/0/0 A 173.194.117.115, A 173.194.117.114, A 173.194.117.113, A 173.194.117.116, A 173.194.117.112 (112) in slot1/tmm1 lis=
adrian_171483I was kind of hoping for a timer that would flush out the record without any intervention
- nitass
Employee
I am wondering if this can be flushed when a new record is learned after the timeout period. ?
can you try to restart bigd? i may be wrong but i think bigip will resolve fqdn node when bigd is restarted.
restart bigd [root@ve11c:Active:In Sync] config tmsh list ltm node google ltm node google { fqdn { autopopulate enabled name www.google.com } state fqdn-up } [root@ve11c:Active:In Sync] config date; tmsh restart sys service bigd Tue May 12 19:25:42 SGT 2015 [root@ve11c:Active:In Sync] config tcpdump [root@ve11c:Active:In Sync] config tcpdump -nni 0.0 -s0 port 53 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on 0.0, link-type EN10MB (Ethernet), capture size 65535 bytes 19:26:01.144898 IP 172.28.24.13.33478 > 8.8.8.8.53: 26437+ A? www.google.com. (32) out slot1/tmm1 lis= 19:26:01.150778 IP 8.8.8.8.53 > 172.28.24.13.33478: 26437 6/0/0 A 74.125.130.105, A 74.125.130.103, A 74.125.130.147, A 74.125.130.99, A 74.125.130.106, A 74.125.130.104 (128) in slot1/tmm1 lis= 19:26:06.149613 IP 172.28.24.13.48936 > 8.8.8.8.53: 26437+ A? www.google.com. (32) out slot1/tmm1 lis= 19:26:06.157343 IP 8.8.8.8.53 > 172.28.24.13.48936: 26437 5/0/0 A 173.194.117.115, A 173.194.117.114, A 173.194.117.113, A 173.194.117.116, A 173.194.117.112 (112) in slot1/tmm1 lis=- adrian_171483I was kind of hoping for a timer that would flush out the record without any intervention
- nitass
I was kind of hoping for a timer that would flush out the record without any intervention
i thought you want to do it manually.
if not, doesn't interval work?
trace [root@ve11c:Active:In Sync] config tcpdump -nni 0.0 -s0 port 53 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on 0.0, link-type EN10MB (Ethernet), capture size 65535 bytes 20:57:51.516574 IP 172.28.24.13.33233 > 8.8.8.8.53: 50723+ A? www.google.com. (32) out slot1/tmm0 lis= 20:57:51.522262 IP 8.8.8.8.53 > 172.28.24.13.33233: 50723 6/0/0 A 74.125.130.147, A 74.125.130.105, A 74.125.130.106, A 74.125.130.99, A 74.125.130.104, A 74.125.130.103 (128) in slot1/tmm0 lis= 20:58:51.506075 IP 172.28.24.13.59459 > 8.8.8.8.53: 50723+ A? www.google.com. (32) out slot1/tmm0 lis= 20:58:51.512165 IP 8.8.8.8.53 > 172.28.24.13.59459: 50723 5/0/0 A 173.194.117.81, A 173.194.117.80, A 173.194.117.84, A 173.194.117.82, A 173.194.117.83 (112) in slot1/tmm0 lis= configuration [root@ve11c:Active:In Sync] config date; tmsh list ltm node google* one-line | grep -iv 200.200.200 Tue May 12 20:58:02 SGT 2015 ltm node google { fqdn { autopopulate enabled interval 60 name www.google.com } state fqdn-up } ltm node google-74.125.130.99 { address 74.125.130.99 ephemeral true fqdn { name www.google.com } } ltm node google-74.125.130.103 { address 74.125.130.103 ephemeral true fqdn { name www.google.com } } ltm node google-74.125.130.104 { address 74.125.130.104 ephemeral true fqdn { name www.google.com } } ltm node google-74.125.130.105 { address 74.125.130.105 ephemeral true fqdn { name www.google.com } } ltm node google-74.125.130.106 { address 74.125.130.106 ephemeral true fqdn { name www.google.com } } ltm node google-74.125.130.147 { address 74.125.130.147 ephemeral true fqdn { name www.google.com } } [root@ve11c:Active:In Sync] config [root@ve11c:Active:In Sync] config [root@ve11c:Active:In Sync] config date; tmsh list ltm node google* one-line | grep -iv 200.200.200 Tue May 12 20:58:57 SGT 2015 ltm node google { fqdn { autopopulate enabled interval 60 name www.google.com } state fqdn-up } ltm node google-173.194.117.80 { address 173.194.117.80 ephemeral true fqdn { name www.google.com } } ltm node google-173.194.117.81 { address 173.194.117.81 ephemeral true fqdn { name www.google.com } } ltm node google-173.194.117.82 { address 173.194.117.82 ephemeral true fqdn { name www.google.com } } ltm node google-173.194.117.83 { address 173.194.117.83 ephemeral true fqdn { name www.google.com } } ltm node google-173.194.117.84 { address 173.194.117.84 ephemeral true fqdn { name www.google.com } }- adrian_171483The interval is 3600 seconds but the ephemeral node is still in there (after 2 days) even though the DNS entry does not exist any more
- nitasscan you try tcpdump on dns?
- nitass_89166
I was kind of hoping for a timer that would flush out the record without any intervention
i thought you want to do it manually.
if not, doesn't interval work?
trace [root@ve11c:Active:In Sync] config tcpdump -nni 0.0 -s0 port 53 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on 0.0, link-type EN10MB (Ethernet), capture size 65535 bytes 20:57:51.516574 IP 172.28.24.13.33233 > 8.8.8.8.53: 50723+ A? www.google.com. (32) out slot1/tmm0 lis= 20:57:51.522262 IP 8.8.8.8.53 > 172.28.24.13.33233: 50723 6/0/0 A 74.125.130.147, A 74.125.130.105, A 74.125.130.106, A 74.125.130.99, A 74.125.130.104, A 74.125.130.103 (128) in slot1/tmm0 lis= 20:58:51.506075 IP 172.28.24.13.59459 > 8.8.8.8.53: 50723+ A? www.google.com. (32) out slot1/tmm0 lis= 20:58:51.512165 IP 8.8.8.8.53 > 172.28.24.13.59459: 50723 5/0/0 A 173.194.117.81, A 173.194.117.80, A 173.194.117.84, A 173.194.117.82, A 173.194.117.83 (112) in slot1/tmm0 lis= configuration [root@ve11c:Active:In Sync] config date; tmsh list ltm node google* one-line | grep -iv 200.200.200 Tue May 12 20:58:02 SGT 2015 ltm node google { fqdn { autopopulate enabled interval 60 name www.google.com } state fqdn-up } ltm node google-74.125.130.99 { address 74.125.130.99 ephemeral true fqdn { name www.google.com } } ltm node google-74.125.130.103 { address 74.125.130.103 ephemeral true fqdn { name www.google.com } } ltm node google-74.125.130.104 { address 74.125.130.104 ephemeral true fqdn { name www.google.com } } ltm node google-74.125.130.105 { address 74.125.130.105 ephemeral true fqdn { name www.google.com } } ltm node google-74.125.130.106 { address 74.125.130.106 ephemeral true fqdn { name www.google.com } } ltm node google-74.125.130.147 { address 74.125.130.147 ephemeral true fqdn { name www.google.com } } [root@ve11c:Active:In Sync] config [root@ve11c:Active:In Sync] config [root@ve11c:Active:In Sync] config date; tmsh list ltm node google* one-line | grep -iv 200.200.200 Tue May 12 20:58:57 SGT 2015 ltm node google { fqdn { autopopulate enabled interval 60 name www.google.com } state fqdn-up } ltm node google-173.194.117.80 { address 173.194.117.80 ephemeral true fqdn { name www.google.com } } ltm node google-173.194.117.81 { address 173.194.117.81 ephemeral true fqdn { name www.google.com } } ltm node google-173.194.117.82 { address 173.194.117.82 ephemeral true fqdn { name www.google.com } } ltm node google-173.194.117.83 { address 173.194.117.83 ephemeral true fqdn { name www.google.com } } ltm node google-173.194.117.84 { address 173.194.117.84 ephemeral true fqdn { name www.google.com } }- adrian_171483The interval is 3600 seconds but the ephemeral node is still in there (after 2 days) even though the DNS entry does not exist any more
- nitass_89166can you try tcpdump on dns?
