Forum Discussion
Ireda
Cirrostratus
CirrostratusGTM- Zone list (Offline (Enabled) - Failed AXFR)
Dears, I need to enable DNS Express but locally on GTM, I mean GTM will act as DNS. But when I created zone list , it shown offline and did not appare in zonerunner please check attached, version ...
Hi Ireda ,
well this shouldn't work.
you need to go to Zonerunner first then define the NS which you will receive the zones from it.
then you can use the DNS Express to transfer that zone internally.
I recommend you to add the original Name server which you will recieve the Zones from it directly and don't perform the zone transfer in BIND or Zonerunner.
I mean :
Add the name server IP of the Original owner of Zones directly not the ( 127.0.0.1 ) , because when you do that >>> you configure bigip to use DNS express for specific Zones exists already on the Bigip BIND DB file and at the same time ( BIND hasn't these Zones )
So you have two solutions :
1- Add the Orignal Name server ( owner of Zones ) in the Zone runner while defining specific Zone in BIND , then by using ( 127.0.0.1 ) NS in DNSExpress will be sufficient to enabe the DNSExpress for this zone.
2- Add the Originlal NS and attach it in the DNSExpress Zones.
>>>>>>>>>>><<<<<<<<<<<<<<<
Don't forget to create two listeners listen on ( 53 Port - TCP ) and ( 53 port - UDP )
Then add the listener ip address in " Allow-transfer " field on the Original server that owen the Zones
Hi Ireda ,
Have you added " Allow-transfer " ( listener :53 ) or not.
you should add this in the config file in the device that owen that zone , and listener is the bigip that you want to move that zone to.
https://www.zytrax.com/books/dns/ch7/xfer.html#allow-transfer
For this Zone to appeare in Bigip BIND or Zonerunner you may need to define it in the zonerunner not only in : Zone list " DNS Express " part.
But I recommend avoiding using Bigip BIND for resolution it somehow slow and consume bigip system resources whereas DNSexpress is much faster and reliable and will meet your needs.
IredaYes, I created the UDP listener with port 53 and DNS profile attached to it with Enable DNS Express, but my issue why Zone list offline although i create name server GTM itself "127.0.0.1" and did not appare in zone runner?
- whisperer
MVP
Zone transfer uses TCP. So you should also have a TCP listener with port 53. You can absolutely self host DNS on F5 GTM using BIND/Zonerunner and zone transfer into DNS Express.
The following should also be of good benefit to read:
https://community.f5.com/t5/technical-articles/dns-express-and-zone-transfers/ta-p/281841
Hi Ireda ,
well this shouldn't work.
you need to go to Zonerunner first then define the NS which you will receive the zones from it.
then you can use the DNS Express to transfer that zone internally.
I recommend you to add the original Name server which you will recieve the Zones from it directly and don't perform the zone transfer in BIND or Zonerunner.
I mean :
Add the name server IP of the Original owner of Zones directly not the ( 127.0.0.1 ) , because when you do that >>> you configure bigip to use DNS express for specific Zones exists already on the Bigip BIND DB file and at the same time ( BIND hasn't these Zones )
So you have two solutions :
1- Add the Orignal Name server ( owner of Zones ) in the Zone runner while defining specific Zone in BIND , then by using ( 127.0.0.1 ) NS in DNSExpress will be sufficient to enabe the DNSExpress for this zone.
2- Add the Originlal NS and attach it in the DNSExpress Zones.
>>>>>>>>>>><<<<<<<<<<<<<<<
Don't forget to create two listeners listen on ( 53 Port - TCP ) and ( 53 port - UDP )
Then add the listener ip address in " Allow-transfer " field on the Original server that owen the Zones
