Ireda
Nov 25, 2023

GTM- Zone list (Offline (Enabled) - Failed AXFR)


I need to enable DNS Express but locally on GTM, I mean GTM will act as DNS.

But when I created the zone list, it showed as offline and did not appear in ZoneRunner.

Please check the attached; version 17.0.0.

  • Hi Ireda,

    Well, this shouldn't work.

    You need to go to ZoneRunner first, then define the NS from which you will receive the zones.
    Then you can use DNS Express to transfer that zone internally.

    I recommend that you add the original name server from which you will receive the zones directly, and don't perform the zone transfer in BIND or ZoneRunner.

    I mean:
    Add the name server IP of the original owner of the zones directly, not the ( ), because when you do that you configure BIG-IP to use DNS Express for specific zones that already exist in the BIG-IP BIND DB file, and at the same time (BIND doesn't have these zones).

    So you have two solutions:

    1- Add the original name server (owner of the zones) in ZoneRunner while defining the specific zone in BIND; then using the ( ) NS in DNS Express will be sufficient to enable DNS Express for this zone.

    2- Add the original NS and attach it in the DNS Express zones.

    Don't forget to create two listeners, listening on (port 53 - TCP) and (port 53 - UDP).

    Then add the listener IP address in the "Allow-transfer" field on the original server that owns the zones.

6 Replies

  • Are you allowing the XFR requests on the master? Do you have TCP 53 permitted between both DNS servers?

    • Ireda

      Hi whisperer,

      I need to use GTM itself as a DNS by creating a static zone on it. Is it needed to allow XFR? How?

  • Hi Ireda,

    Have you added "Allow-transfer" (listener:53) or not?
    You should add this in the config file on the device that owns that zone; the listener is the BIG-IP that you want to move that zone to.

    For this zone to appear in BIG-IP BIND or ZoneRunner, you may need to define it in ZoneRunner, not only in the Zone list "DNS Express" part.

    But I recommend avoiding using BIG-IP BIND for resolution; it is somehow slow and consumes BIG-IP system resources, whereas DNS Express is much faster and reliable and will meet your needs.