Forum Discussion
NimbostratusSetting Virtual Server to Load balance Windows DNS Server.
Hi all, i am trying to setup a virtual Server to load balance 3 Windows DNS (DC) server. I followed the documentation dns-load-balancing-dg.pdf, ran the template Generic DNS and from the BigIP side, all seems ok. But when i try to resolve any address with nslookup i get the error DNS Request Timed out Timout was 2 seconds Server: Unknown Address : x.x.x.x (my virtual Server IP)
Our goal is to setup a Virtual Server to load balance 3 DNS servers and configure all of our servers to point to that Virtual IP in the preferred DNS Server, so in the event we loose our current preferred DNS, the others will take over.
BigIp Version is 10.2.3 (build 112.0)
Thanks,
Pierre.
36 Replies
Danielle_DaigleSeems like it took a while then stop working again.... anyway, i put back the config and all is working fine. however, i thought the DNS Monitor created during creation would make a check that DNS service is responding before making node available. i currently have 3 nodes (dns server) and if i stop the service on one of them, it still appears as green.... am i missing something ?
thanks again.
- nitass
Employee
i currently have 3 nodes (dns server) and if i stop the service on one of them, it still appears as green
what monitor are you using? is it udp monitor?
sol6143: UDP health monitor operation
http://support.f5.com/kb/en-us/solutions/public/6000/100/sol6143.htmlthese are example of external monitors.
DNS Monitor Using Dig
https://devcentral.f5.com/wiki/advdesignconfig.DNSMonitorUsingDig.ashxDNS Monitor Using NS Lookup
https://devcentral.f5.com/wiki/advdesignconfig.DNSMonitorUsingNSLookup.ashx - Danielle_Daigle
Yes.... the one created with the wizard, it sends a hex strings and expects another for response. However i cannot validate that a node is excluded if i stop the dns service.
- nitass
However i cannot validate that a node is excluded if i stop the dns service.
can you post the monitor?
tmsh list ltm monitor udp (name) - Danielle_Daigle
ltm monitor udp Fasken_DNS_monitor { debug "no" defaults-from udp destination : interval 30 recv "\x00\x01.*\x04\xac\x14\xef\x40" send "\xf7\x2e\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x0dfaskenconnect\x03com\x00\x00\x01\x00\x01" send-packets "2" time-until-up 0 timeout 91 timeout-packets "2" }
- nitasshave you tried tcpdump to see what is going on (why pool member is marked up even dns server is down)?
- Danielle_Daigle
i ran this on the bigip :
tcpdump -nni 0.0:nnn -s0 -w /var/tmp/output.pcap '(host 172.20.239.146 or host 172.20.31.21 port 53)' or icmp -v172.20.31.21 is the DC with DNS Service Down. Then from my wks i did a nslookup i have the capture and here's what i see comming from my wks.
- nitassi thought you are going to capture health monitor traffic (between non-floating selfip on bigip and dns server ip) which marks pool member up but dns server is down.
- Danielle_Daigle
can you explain how would i do this please.
- nitass
can you explain how would i do this please.
i thought you are saying health monitor still marks pool member (dns server) up even the dns server is shut down, aren't you?
if yes, i think you may have to capture the health monitor traffic between non-floating self ip on bigip and the dns server ip to see why the monitor still marks the dns server up.
tcpdump -nni 0.0:nnn -s0 -w /var/tmp/output.pcap host x.x.x.x and host y.y.y.y and port 53 -v x.x.x.x is non-floating self ip on bigip y.y.y.y is dns server ip - Danielle_Daigle
non-floating self ip... you mean the virtual server ip pointing to my 3 DNS servers right ? once i run the tcpdump, do i issue a nslookup ? or something else ?
- nitass
non-floating self ip... you mean the virtual server ip pointing to my 3 DNS servers right ?
no, it is non-floating self ip on vlan which dns server resides.
once i run the tcpdump, do i issue a nslookup ? or something else ?
no, traffic will be generated automatically by health monitor.
