Forum Discussion

Parveez_70209's avatar
Parveez_70209
Icon for Nimbostratus rankNimbostratus
Feb 25, 2015

GTM: Difference Between Zone and Zone-Runner in 11.5.1 Version

Hi Team,   Struck in a query between Zone and Zone-Runner.   Just to give you a background,we are in testing phase and currently we configured in such a way that GTM is passing request to the E...
Parveez_70209's avatar
Parveez_70209
Icon for Nimbostratus rankNimbostratus
Feb 25, 2015

Hi Brad,

 

So,just cross-checking what I learnt :

 

1.We are saying :If we configure GTM not an authoritative DNS server while Windows DNS server is, we just need to create a Zone( Not through the Zone runner as per my existing configuration to pass the request to windows server ist time).

 

2. a) But if we want to use the GTM as the primary authoritative-server(disabling Windows server)for now, than we need to delete the xyz.com zone created which was inturn holding the External_LDNS(Windows Server) and create a Zone list named xyz.com using the Zone-runner.

 

b) Keeping the Listener IP as the self-IP of the GTM. c) While creating the xyz.com through zone list under zone runner, we need to create "A" record with the same IP address of the listener, correct ? b)Going to resource-record type: we created the below:(A, NS, SOA records)

 

JDA-DAL-GTM2.jdadelivers.com ( A) entry IP-ADDRESS xyz.com (NS) ENTRY with Nameserver named as JDA-DAL-GTM2.jdadelivers.com. xyz.com (SOA) ENTRY with Master-Server named as JDA-DAL-GTM2.jdadelivers.com.

 

c) As an A record under for JDA-DAL-GTM2.jdadelivers.com ,we assigned the same Self-IP/listener IP of the GTM. d) Once all done, we will just create manual entries as A records under it, for example: test.xyz.com A record: 1.1.1.1, correct ?

 

Now how to test this:

 

  1. I have dig installed into my windows 7 PC.
  2. So, I wanted to test both the scenarios through DIG. How will I do that.

Whether running dig to listener IP from my windows system and doing a tcpdump into the GTM with my Windows 7 IP alongwith port 53 ? Will that help ?

 

Kindly assist in reviewing this concept which I am cross-checking as that will help me in understanding the whole flow.

 

Thanks and Regards PZ

 

  • Brad_Parker's avatar
    Brad_Parker
    Icon for Cirrus rankCirrus
    Feb 26, 2015
    1.) Technically DNS-express is an authoritative slave. It will respond authoritatively even though the master of the zone is else where. 2.a) Yes, if you want to use on box BIND then you will need to create the zone in Zone-Runner, but you don't want queries to actually ever resolve from on box BIND, you will want your DNS-Express zone create to receive transfers and notifies from ZoneRunner just like you would with your windows DNS server. 2.b) Yes, you wil need an A record that contains the public self IP of your GTM for your SOA and NS records. You can actually use this A record for SOA and NS records of other zones as well if they will live on he GTM. 2.c) I believe what you are asking here, is yes you will just create records in your ZoneRunner zone as needed and if it is setup for notifies those records will then populate into your DNS-Express zone. You can just test your queries against your listener IP with DIG or nslookup. Also, when you create your DNS-Express zone the stats on the zone will tell you how many records exists in the zone, as well as queries received. I hope I've answered your question close to what you are expecting. Here's a good article about DNS-Express and I can't stress enough that you do not want DNS queries to go all the way to the on box BIND instance. If they do you just have a really expensive single threaded BIND server with none of the capibility that you paid for with GTM. https://devcentral.f5.com/articles/v11-dns-express-ndash-part-1