Forum Discussion

Cirrostratus

Dec 02, 2009

LTM Returns "Refused" DNS Response

Hi. I've got a DNS server in a VLAN routed by a 9.3.1HF6 LTM. Queries are sent to the DNS server through a 0.0.0.0:* wildcard virtual server. Pretty frequently (as in every 30-60 seconds) I get a DNS ...

config

design

L4L7_53191

Nimbostratus

Dec 03, 2009

Sorry for the misunderstanding: I read "VS I created a DNS VIP, used the DNS server as a Pool Member" and assumed that you'd moved on from a forwarder configuration. Either way, it still holds true: the named config on the BigIP shouldn't affect this at all.

So a couple of other thoughts: you've got it set up in a way that tells the BigIP to bind that 0.0.0.0 virtual to all vlans - internal, external, etc., so any traffic *that doesn't match a virtual server VIP* will pass through to this listener. It's somewhat more typical to bind a wide open forwarder to a specific VLAN for security reasons (e.g. the internal vlans for outbound access). Do you by chance have GTM installed on this box as well or any port 53 VIPs setup?

-Matt

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)