For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

John_K_01_16461's avatar
John_K_01_16461
Icon for Nimbostratus rankNimbostratus
Nov 10, 2016

How to integrate GTM with a third party managed DNS service

I am looking into setting up GTM, but I haven't found a clear answer on how it would work with a third party managed DNS service. Currently we are using a managed service company and don't want to bring our public DNS management "in-house." What is the proper way to have DNS queries for a specific FQDN routed to the GTM listener?

 

For example, we have many public records, but we want to create a new service called service.mycompany.com which is globally load balanced. To direct DNS queries for this single FQDN, would I just create an NS record for this entry pointing to my GTM listener?

 

application delivery
BIG-IP DNS

3 Replies

  • Vijay_E's avatar
    Vijay_E
    Icon for Cirrus rankCirrus
    Nov 10, 2016

    The setup.

    Create A-Records for the 2 GTM using their Listener IP addresses:

    gtm1.wip.domain.com. IN A 100.100.100.100
gtm2.wip.domain.com. IN A 200.200.200.200

    Delegate the sub-domain to the GTM using NS Records:

    wip.domain.com. IN NS gtm1.wip.domain.com.
wip.domain.com. IN NS gtm2.wip.domain.com.

    Use CNAME records:

    www.domain.com. IN CNAME www.wip.domain.com.

    The above DNS records (A, NS & CNAME) will be added to the 3rd party DNS records that is already set up for

    SOL277 - Sub-domain delegation.

  • David__Pasch's avatar
    David__Pasch
    Icon for Altostratus rankAltostratus
    Nov 10, 2016

    Don't forget the related GTM A records that will need to be in place to support those NS records, but YES, you are correct in your assumption of how to get the query to the GTM device. This can be done one of two ways, per record, or for an entire sub-domain. Based on your processes and policies, one may be better than the other.

     

    For instance(s): If people can use whatever name you provide, then creating a completely delegated sub-domain can minimize your need to interact with the 3rd party. But, if you have to use the names/domains established, like vs. new sub-domain), you would still have to engage them for the CNAME that gets the client from to .

     

    If you were to choose a per record strategy, you would just need to add the NS entries as you noted above. Assuming the A records for the GTM are already in place on the DNS.

     

    Once again, this would be based on how you prefer to operate. Both methods will work fine.

     

    Hope this helps!

     

  • JoshBecigneul's avatar
    JoshBecigneul
    Icon for MVP rankMVP
    Nov 10, 2016

    We also use this method for our customers. In our case we have a shared GTM system, for use with multiple customers. For ease of tracking usage, we embed the entire original FQDN into the wide-ip.

    www.example.com IN CNAME www.example.com.lb.provider.com.

    This may not apply to your case, but I add it here to show the flexibility possible in such a setup.