What IP's to use for DNS Listeners?
- Nov 19, 2015
"A listener object that is not defined as a self IP address cannot direct name resolution requests to BIND"
If you don't require that (and I usually make sure that requests not serviced by GTM are dropped myself), then you have no issues AFAIK.
Possibly it's listed as not best practice because if GTM can't resolve it, you won't get any answer, and whoever wrote it wanted to make sure at least SOMETHING was given back (e.g. for addresses that ARE NOT serviced by GTM - i.e. not WideIP's).
However for most of the installs I've done, that was the DESIRED effect anyway... Because I don't like running GTM's inline with normal DNS services - i.e. I like my GTM's to be serving ONLY WideIP's.
See this scenario-----
A DNS server already exists at IP address 10.2.5.37.
There are two VLANs, named external and guests.
There are two wide IPs: www.siterequest.com and downloads.siterequest.com. After being integrated into the network, Global Traffic Manager is responsible for the following actions:
Managing and responding to requests for the wide IPs
Forwarding other DNS traffic to the existing DNS server
Forwarding any traffic from the guests VLAN to the rest of the network To implement this configuration, Global Traffic Manager requires three listeners:
A listener with an IP address that is the same as the self IP address of Global Traffic Manager. This listener allows the system to manage DNS traffic that pertains to its wide IPs.
A listener with an IP address of 10.2.5.37, the IP address of the existing DNS server. This listener allows the system to forward incoming traffic to the existing DNS server.
A wildcard listener enabled on the guests VLAN. This listener allows Global Traffic Manager to forward traffic sent from the guests VLAN to the rest of the network.