Replacing a DNS Server with F5 BIG-IP DNS

First things first, you have decided to deploy F5 BIG-IP DNS to replace a BIND server after receiving notifications from your information assurance officer or your friendly LinkedIn community that ad...
Published Feb 23, 2018
Version 1.0
application delivery
BIG-IP
BIG-IP DNS
dns
gtm
Steve_Lyons's avatar
Steve_Lyons
Ret. Employee
Mar 07, 2018

Piotr, we are on the same page now. So this article is specific to actually replacing a BIND box and no longer using an off box bind server as the authoritative DNS server in a master/slave relationship. With that, in order to provide administrators a UI to create/modify/delete records, zones, etc. you must use ZoneRunner. If you are simply trying to configure DNSExpress to accept zone transfers and respond to DNS queries versus the hidden master, you are correct that ZoneRunner is not needed. Check out the solution article below. This actually provides guidance to the question above about having multiple Authoritative DNS Servers. It covers creating a pool of DNS Servers. Hope this clarifies everything.

 

https://support.f5.com/csp/article/K13940auth1

 

Replacing DNS Server 1. Zone created in ZoneRunner (On-box bind instance), zone transfer requested by ZoneRunner to Off-box bind. 2. Off-box bind sends zone to ZoneRunner 3. Also-Notify initiates zone transfer to DNSExpress 4. Changes in ZoneRunner initiate a notify message to DNSExpress for additions, changes, deletions, etc.

 

Using Hidden Master 1. Zone created in DNSExpress, zone transfer requested by DNSExpress to Off-box bind. 2. Off-box bind sends zone info to DNSExpress 3. Changes on off-box bind generate notify message to send zone changes directly to DNSExpress