Forum Discussion
NimbostratusSource IP F5 DNS Zone Forwarder
I just create configuration for zonerunner, so that client can use F5 for resolving internet domain. When i did tcpdump on the F5, i see that f5 using self ip as source ip for forwarding DNS request. To use the F5, client using listener ip address that different from self ip.
My question :
- How to change the source IP when F5 Forwarding DNS request, we want the source ip = listener ip address.
Thanks
3 Replies
- LiefZimmerman
Admin
jbudi1 - if your question has been answered - please consider choosing Mark As Solution to help other community members find good answers more quickly.
If not, perhaps a follow-up clarification will help the community get an answer for you?
- Nikoolayy1
MVP
You need think why you want to do this first?
You have a self-ip in the same range as the Listener/DNS virtual server and by having the correct routing the F5 will use it and it then if you have SNAT automap the source ip will be that self-ip.
EDNS0 Implementation and Troubleshooting recommendations
Other than that nowadays DNS should utilize EDNS "Insert Source Address into Client Subnet Option" Overview of the DNS profile (14.x and later) as the client ip is what the end DNS servers should be interested off.
Also better use Wide IP configurations and what can't be resolved by the wide IP will be send to a DNS pool under the listener. That is the better way for me as without health monitors and with Generic hosts it is like Zonerunner/Bind.
Overview of DNS query processing on BIG-IP systems
How does the BIG-IP GTM/DNS decide on a DNS response
