For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

f5user_108265's avatar
f5user_108265
Icon for Nimbostratus rankNimbostratus
Jul 17, 2008

GTM iRule defining external DNS server

Hi everybody,     I am facing the following problem. I would like to force the GTM to query an internal (accessible only by the BIG-IP on the private side) DNS server if the DNS record cann...
application delivery
dev
devops
iRules
ALeu_26892's avatar
ALeu_26892
Icon for Nimbostratus rankNimbostratus
Jul 21, 2008

Posted By citizen_elah on 07/21/2008 5:42 AM

 

 

Yes, you would enable recursion (beware, note the CERT VU800113 published a couple of weeks ago) and set up forwarders in your bind configuration (GTM->ZoneRunner->Named Configuration)

 

 

   
   options {   
       forward only;   
       forwarders {   
           ns1.internal.company.com;   
           ns2.internal.company.com;   
       };   
       recursion yes;   
   };

 

 

 

 

Hmm, is it possible to configure something like this on the zone level? I am trying to accomplish this by entering the following code within the zone options field:

 

 

 
 type forward; 
 forwarders { 
     internal.dns.server1.com; 
     internal.dns.server2.com; 
 };

 

 

and of course enabling recursion on in the named.conf file:

 

 

 
 recursion yes;

 

 

Unfortunately, my BIG-IP does not seem to like the "type forward;" statement. When I click on the update button nothing happens (the IE progress bar keeps running until the page times out.)