neil_t_66364
Feb 26, 2015

How to setup DNS resolution on GTM

Hi All, I know this may sound simple but I'm having a mind-block on how to set up the GTM to act as a DNS server. I've created two pairs of GTMs, each pair being HA sync'd and all four running gtm sync. I've added in the LTMs and it all looks good. Now I need to create DNS entries on the GTM but can't seem to figure out how to link up the listener, virtual server, wide-IP and pools to do this. In this setup the GTMs will not connect to an internal DNS server and they sit behind a firewall so they use private IP addressing. Would someone be good enough to briefly describe how the various elements work together? I'm sure I'll be able to work it out once I have a rough idea of the steps involved.

Thanks in advance.

  • If you've added your LTMs into the GTMs as servers, you should then be able to start creating pools for your wideIPs using the virtual server contained on your LTM "server" (GTM context), provided you have checked auto discover. You then associate your pools with the appropriate wideIPs. If your GTM will be hosting the whole zone that your wideIPs live in, you will probably also need to either set up the zone in ZoneRunner or use an off-box DNS server that will be used for a DNS-Express zone to act as an authoritative slave for. Below are some links to some helpful information.

    https://devcentral.f5.com/articles/v11-dns-express-ndash-part-1
    https://support.f5.com/kb/en-us/products/big-ip_gtm/manuals/product/gtm-concepts-11-5-0/4.html

    • Brad_Parker
      If you have to have your public NATs at the firewall rather than on the LTMs, you will need to create your servers/virtual servers on the GTM by hand; you will not be able to use autodiscover. You then add that virtual server to a pool and associate that pool with the appropriate Wide IP. Wide IPs always respond as authoritative responders; they are not a pool of DNS servers. This SOL should help clarify this as well. https://support.f5.com/kb/en-us/solutions/public/14000/700/sol14707.html
    • neil_t_66364
      Thanks Brad, from your explanation I can understand now where my problem is. I have auto discovered the LTM virtual servers and that's where I was having the problem with associating a wideIP with a server pool/VIP. I think I'll now be able to create the wideIP with the virtual server represented by a Public IP address. Thanks again.
  • Thanks Brad, I can see the ability to create a wideIP and add the LTM VIPs; however, the IP addresses of the LTM VIPs are all private addresses and I don't want the GTM to forward traffic. I need the GTM to act as a DNS resolver (authoritative server) for our Public address space and I'm having a problem seeing how I build this, as I can't see where I match up a Public IP address with a URL. The intention is not to use an internal DNS server to provide this, but rather to have the GTM cluster work as the authoritative DNS server.