GTM DNS trickery

Question

So very new to the zonerunner implementation but it looks 'bind-ish'. So what we are trying to accomplish is use GTM both internal and external for delegated zones, but I don't want it to serve DNS requests externally. I'd rather just use dump our regular public NS entries in the external view and slave it to them so that they are in fact the authoritative servers.&nbsp;
Is what I'm trying to do possible?&nbsp;

iheartf5_45022 · Answer

Yes zonerunner is a GTM interface into BIND.&nbsp;
I can see why you might want to slave from regular DNS to GTM,  but not the other way - the reason being that changes to 'regular' DNS servers are less stringently controlled than changes to GTM in my company,  so slaving to a non-GTM server is more easily maintained than updating the GTM directly,  however I see no reason it wouldn't work.&nbsp;

rabbit23_116296 · Answer

Thanks - it's really just the way our company works. We won't be able to make GTM authoritative because of how we manage BIND with PowerDNS.&nbsp;
It also is means that we will have multiple points of entry into the environment. So for us it makes sense to offload the actual DNS NS serving to BIND.
Problem is however I cannot seem to add the F5 NS entry from the master zone on GTM nor add a NS that is outside of the delegated zone.&nbsp;

Forum Discussion

GTM DNS trickery

2 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

2026 301a exam

F5OS login with admin/root failed via console

UCS Encryption Question

Unblock Request WAF

Related Content

F5 DNS/GTM External Monitor(EAV) with SNI support and response code check

Export GTM/DNS Configuration in CSV - tmsh cli script

dns express reboot gtm

F5 XC Distributed Cloud DNS GSLB implementing Split-DNS

Lightboard Lessons: F5 BIG-IP DNS (GTM) iQuery Protocol Overview

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS