I'm looking to rebuild my DNS environment to have local HA clusters of F5 DNS Devices using DNS-E to draw from a hidden master. The one part I can't get info about anywhere is whether/how GSLB will interact in this scenario. Should I have the GSLB elements running on the hidden master only? Should I run Zonerunner on the DNS clusters, use DNS e to draw from several sources? Is GSLB incompatible with hidden masters?
Is anyone able to describe if this is possible? IF so what the best practice implementation is please?
When you say DNS-E/DNS e better give some examples or link as I admit I have not seen this technology as there are so many things in the IT world, you can't keep up with everything, so giving context is important.
Why don't you just use F5 DNS Express that is DNS zone transfers and just block with firewall rules/access lists on a network device/firewall (you can use ip tables on the server but better block traffic before it reaches the DNS server) any DNS/AXFR/IXFR connections to the real DNS server that is not comming from F5 GTM/DNS self-ip?
About GSLB and DNS Express and Zone runner the F5 will always try to first use the GSLB wide ip for DNS resolution and if it does not have any matching wide ip then DNS Express then Zone Runner, so the features will work together:
When you say DNS-E do you mean enhanced DNS, where you can send things like client IP of the orginating requester back to a internal DNS Server? I think there is an option for that in the profile somewhere, but is that what you where thinking?
