Forum Discussion
NimbostratusGTM secondary DNS to active directory
I am trying to configure a GTM to be a secondary DNS server to my AD domain. The examples I found discuss using a BIND server (not AD). Can anyone lend assistance?
6 Replies
StewartAltostratus
Hi,
Take a look at DNS express.
This will enable the GTM to serve out the addresses that you configure on your AD Servers. You'll need to setup TSIG to allow zone transfers.
- Stewart
pedinopa_170325I am running 11.5.1 HF5 so the menus do quite match up to the article. I found all of the options under the DNS menu (not Local Traffic Manager).
I created a TSIG
I created my zone using TSIG (I created a nameserver pointing to my AD domain controller)
under zonerunner I modified the named configuration
all of the listners (one for UDP and 1 for TCP) use the dns-express profile
when I tail the ltm log the gtm fails to transfer from AD.
- Stewart
Did you set up TSIG on the AD controller as well?
- pedinopa_170325
no TSIG is not on the AD domain.
- AubreyKingF5
Moderator
This is the easiest way to get this done. I have personally configured this in a Tier 1 Service Provider mobility environment, so I can tell you that performance is QUITE high, when tuned appropriately with a udp profile.
This also allows you to add a full proxy caching dns firewall in front of your AD DNS.
