For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Devlin_T_149357's avatar
Devlin_T_149357
Sep 28, 2017

GTM/DNS Topology Record and Local DNS Question

Hello all   A quick question if I may...if a DNS request is sent from a client machine to its local DNS, which then forwards the query to another DNS server before finally being delegated to the G...
application delivery
BIG-IP DNS
gtm
local dns
topology
Stanislas_Piro2's avatar
Stanislas_Piro2
Icon for Cumulonimbus rankCumulonimbus
Sep 28, 2017

Hi,

 

You can picture dns like http.

 

In http, there is:

 

  • The client browser
  • the proxy server
  • a chained proxy server
  • web servers
    • webserver 1
    • webserver 2

The web servers only know the IP address of the last proxy in the list (except with xff header) or the client ip addresss if no proxy is configured.

 

In dns, there is:

 

  • the dns client
  • dns forwarders (local dns)
  • dns servers (like gtm)

All operating systems use forwarders. You can't bypass this step.

 

When requesting , the last forwarder will request :

 

  • one root server which will reply with a NS of com zone servers
  • one com zone server which will reply with a NS of company.com zone servers
  • one company.com zone server which will reply with the A of (or a cname)

All these dns servers only know the last dns forwarder as client local dns