Forum Discussion

Nimbostratus

Mar 07, 2018

Zonerunner Issue

Hi guys, i'm trying to solve two big issue using my F5 as master DNS. First: i want to forward a full PTR network (in my case a /16) to another BIND but it doesn't seems to work. PTR are resolve...

application delivery

BIG-IP DNS

Giammarco

Nimbostratus

Mar 07, 2018

Hi,

yes, this is the named configuration on the F5

restrict rndc access to local machines
use the key in the default place: /config/rndc.key
controls {
    inet 127.0.0.1 port 953 allow {
        127.0.0.1;
    };
};
logging {
    channel logfile {
        syslog daemon;
        severity error;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    category default {
        logfile;
    };
    category config {
        logfile;
    };
    category notify {
        logfile;
    };
};
options {
    listen-on port 53 {
        127.0.0.1;
        "zrd-acl-000-001";
        "zrd-acl-000-002";
        "zrd-acl-000-000";
    };
    listen-on-v6 port 53 {
        ::1;
    };
    recursion yes;
    directory "/config/namedb";
    allow-transfer {
        localhost;
    };
    allow-recursion {
        lan_hosts;
    };
    check-names master warn;
    check-integrity yes;
    max-journal-size 1M;
    forwarders {
        8.8.8.8;
        8.8.4.4;
    };
};
acl "zrd-acl-000-000" {
    127.10.0.0;
};
acl "zrd-acl-000-002" {
    127.10.0.2;
};
acl "lan_hosts" {
    10.10.10.0/24;
};
acl "zrd-acl-000-001" {
    127.10.0.1;
};
acl "extkey" {
    key "external";
};
acl "noextkey" {
    !key "external";
};
key "external" {
    algorithm hmac-md5;
    secret "";
};

the dig command that I'm doing is a simple:

dig @IP(AD or F5) SRV test.local

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)