Forum Discussion

Parveez_70209
Feb 25, 2015

GTM: Difference Between Zone and Zone-Runner in 11.5.1 Version

Hi Team,

 

Stuck on a query about Zone versus Zone-Runner.

 

Just to give you some background, we are in the testing phase and currently we have configured things in such a way that the GTM is passing requests to the External_LDNS (Windows DNS) server. How we configured this is as below:

 

1. Created a Listener having the same IP as the Self-IP of the GTM.
2. Our DNS profile has DNS Express enabled.
3. Created a Zone named xyz.com as below: DNS > Zones > Zone List > xyz.com
   a) Under DNS Express (Advanced), selected the External_LDNS (present Windows DNS) server.
   b) Also under Zone Transfer Client: selected Name Servers (External Windows servers: External_LDNS and External_LDNS2).

 

So, my understanding is that this will work as per the above design. Now coming to the next topic, ZoneRunner.

 

4. a) We also created xyz.com under Zones > ZoneRunner > Zone List, having a Master Server named JDA-DAL-GTM2.jdadelivers.com.

 

b) Going to resource record type, we created the below:

 

   JDA-DAL-GTM2.jdadelivers.com (A) entry: IP-ADDRESS
   xyz.com (NS) entry with Name Server JDA-DAL-GTM2.jdadelivers.com.
   xyz.com (SOA) entry with Master Server JDA-DAL-GTM2.jdadelivers.com.

 

c) Once this is done, we are planning to enter the manual A records under the xyz.com domain, for example: test.xyz.com A record: 1.1.1.1

 

The above is the full summary of whatever we planned; kindly cross-check and guide whether this is correct.

 

Based on this I have a few queries:

 

1. In case a Wide IP is configured in the GTM, whatever the design/configuration, it first tries to resolve that. Correct?

 

2. Secondly, if a Zone is created as xyz.com (as per our design explained above) under DNS > Zones > Zone List, the requests will flow via the GTM to External_LDNS the first time, and again, as DNS Express is enabled, the GTM will provide the DNS response from the 2nd time onwards for the same query. Correct?

 

3. If point 2 is correct, why are we creating a ZoneRunner zone? In my understanding, either you create a Zone and point it to the External_DNS as per our design, or you create a Zone List entry under Zone-Runner, correct?

 

4. So, as per the ascending order, it is like:

WideIP > Zone under DNS > Zone under ZoneRunner. Correct?

 

Thanks and Regards Pz

 

3 Replies

  • If xyz.com lives on a DNS server behind the GTM and you want to continue to use that as your master DNS server, you have no need to configure a zone in ZoneRunner (BIND). I would recommend just creating your DNS-Express zone to use your Windows DNS server as your server. You would then just need to configure that server to allow zone transfers from your GTM as well as to notify the GTM when changes are made.

     

  • Hi Brad,

     

    So, just cross-checking what I learnt:

     

    1. We are saying: if we configure the GTM as not an authoritative DNS server while the Windows DNS server is, we just need to create a Zone (not through ZoneRunner, as per my existing configuration, to pass the request to the Windows server the first time).

     

    2. a) But if we want to use the GTM as the primary authoritative server (disabling the Windows server) for now, then we need to delete the xyz.com zone created earlier, which was in turn holding the External_LDNS (Windows server), and create a Zone List entry named xyz.com using ZoneRunner.

     

    b) Keeping the Listener IP as the self-IP of the GTM.
    c) While creating xyz.com through Zone List under ZoneRunner, we need to create an "A" record with the same IP address as the listener, correct? Going to resource record type, we created the below (A, NS, SOA records):

     

       JDA-DAL-GTM2.jdadelivers.com (A) entry: IP-ADDRESS
       xyz.com (NS) entry with Name Server JDA-DAL-GTM2.jdadelivers.com.
       xyz.com (SOA) entry with Master Server JDA-DAL-GTM2.jdadelivers.com.

     

    d) As the A record for JDA-DAL-GTM2.jdadelivers.com, we assigned the same Self-IP/listener IP of the GTM.
    e) Once all is done, we will just create manual entries as A records under it, for example: test.xyz.com A record: 1.1.1.1, correct?

     

    Now how to test this:

     

    1. I have dig installed on my Windows 7 PC.
    2. So, I wanted to test both scenarios through dig. How will I do that?

    By running dig against the listener IP from my Windows system and doing a tcpdump on the GTM for my Windows 7 IP along with port 53? Will that help?

     

    Kindly assist in reviewing this concept which I am cross-checking, as that will help me in understanding the whole flow.

     

    Thanks and Regards PZ

     

    • Brad_Parker
      1.) Technically DNS-Express is an authoritative slave. It will respond authoritatively even though the master of the zone is elsewhere.

      2.a) Yes, if you want to use on-box BIND then you will need to create the zone in Zone-Runner, but you don't want queries to actually ever resolve from on-box BIND; you will want your DNS-Express zone created to receive transfers and notifies from ZoneRunner, just like you would with your Windows DNS server.

      2.b) Yes, you will need an A record that contains the public self IP of your GTM for your SOA and NS records. You can actually use this A record for the SOA and NS records of other zones as well if they will live on the GTM.

      2.c) I believe what you are asking here is: yes, you will just create records in your ZoneRunner zone as needed, and if it is set up for notifies, those records will then populate into your DNS-Express zone.

      You can just test your queries against your listener IP with dig or nslookup. Also, when you create your DNS-Express zone, the stats on the zone will tell you how many records exist in the zone, as well as queries received. I hope I've answered your question close to what you are expecting. Here's a good article about DNS-Express, and I can't stress enough that you do not want DNS queries to go all the way to the on-box BIND instance. If they do, you just have a really expensive single-threaded BIND server with none of the capability that you paid for with GTM. https://devcentral.f5.com/articles/v11-dns-express-ndash-part-1
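The flow the thread settles on (the listener answering authoritatively from DNS Express, the zone kept in sync with its master by transfer and notify, and transfers allowed only from the GTM) can be checked from a client with dig, which both the question and the reply above suggest. The script below is an added example for that check; it is not from the thread and not F5 code. The addresses, the record `test.xyz.com` (taken from the original post), the file name `dnsx-check.sh` and the tcpdump filter are assumptions for illustration, and the dig output lines the parsing helpers are fed in testing are constructed, not captured.

```shell
#!/bin/sh
# Added example (not from the thread or from F5): verify the GTM listener /
# DNS Express flow with dig. Addresses below are assumed placeholders.
LISTENER="${LISTENER:-192.0.2.10}"   # GTM listener (same as the self-IP), assumed
MASTER="${MASTER:-192.0.2.20}"       # zone master: External_LDNS, or the GTM itself
                                     # when the zone lives in ZoneRunner (assumed)
ZONE="${ZONE:-xyz.com}"
RR="${RR:-test.$ZONE}"               # a record that exists in the zone

# dig_flags: print the flags field from dig "+comments" output read on stdin,
# e.g. ";; flags: qr aa rd; QUERY: 1, ..." -> "qr aa rd"
dig_flags() {
  sed -n 's/^;; flags: \([^;]*\);.*/\1/p'
}

# is_authoritative: succeed if the answer carried the aa flag. DNS Express
# answers with aa set even though it is a slave; a resolver-style answer
# (qr rd ra, no aa) means the query was not served from the zone.
is_authoritative() {
  dig_flags | tr ' ' '\n' | grep -qx aa
}

# soa_serial: print the serial from "dig +short <zone> SOA" output on stdin
# ("mname rname serial refresh retry expire minimum").
soa_serial() {
  awk 'NF >= 7 { print $3; exit }'
}

# axfr_refused: succeed if dig AXFR output shows the transfer was not served.
axfr_refused() {
  grep -qiE 'Transfer failed|REFUSED|no servers could be reached'
}

run_live_checks() {
  # 1. Query the listener: the answer must carry the aa flag.
  if dig @"$LISTENER" "$RR" A +noall +comments | is_authoritative; then
    echo "OK: $LISTENER answers $RR authoritatively (aa set)"
  else
    echo "FAIL: $LISTENER did not answer $RR authoritatively; DNS Express may not hold $ZONE"
  fi

  # 2. The serial on the listener must match the master's; a mismatch means
  #    the transfer/notify path from the master to the GTM is not working.
  m=$(dig @"$MASTER" "$ZONE" SOA +short | soa_serial)
  l=$(dig @"$LISTENER" "$ZONE" SOA +short | soa_serial)
  if [ -n "$m" ] && [ "$m" = "$l" ]; then
    echo "OK: listener serial $l matches master serial $m"
  else
    echo "FAIL: listener serial '$l' != master serial '$m'"
  fi

  # 3. From this (non-GTM) host the master must refuse a full zone transfer;
  #    only the GTM's address should be on the master's allow-transfer list.
  if dig @"$MASTER" "$ZONE" AXFR | axfr_refused; then
    echo "OK: $MASTER refuses AXFR of $ZONE from this host"
  else
    echo "FAIL: $MASTER served AXFR of $ZONE to an unauthorised host"
  fi
}

# On the BIG-IP itself, watch the same exchange arrive on the listener
# (assumed client address; 0.0 is the all-interfaces capture on BIG-IP):
#   tcpdump -ni 0.0 host 192.0.2.50 and port 53
# Run the live checks with:  sh dnsx-check.sh live
if [ "${1:-}" = "live" ]; then
  run_live_checks
fi
```

The third check is the one worth keeping after testing: the master has to allow transfers to the GTM, and it is easy to leave that rule open to any address, at which point anyone can pull the whole zone. If the AXFR from a workstation succeeds, tighten the transfer list on the Windows DNS server (or on ZoneRunner/BIND) to the GTM's self-IP before going further.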