DNS query for GTM & LTM based URLs

sathish_2826
Nimbostratus

Hi there,

I have a couple of questions. My URL is load balanced between two LTMs with one GTM on top of them, so when I hit the application in the browser, it goes to DNS, DNS delegates to GTM for resolution, and GTM resolves to one of the LTM IPs based on the load balancing method that is set.

Now, question 1 is: once I am logged into the application, if I navigate to different tabs within the same app (different URIs), will the DNS query happen again?

Question 2 is: if F5 sets a TTL of 30 seconds in the initial DNS resolution, after 30 seconds, does DNS have to come to GTM again for resolution?

Thanks in advance.

7 REPLIES

cjunior
Nacreous

Hello

1) DNS works with the FQDN (fully qualified domain name), no matter the URI. The DNS circuit doesn't care what you are trying to access on the server's ports, e.g. HTTP, ICMP, FTP, etc.

Think of DNS as an address book that associates an address name with a ZIP code. Easier to remember an address name than a list of IPv4 or IPv6 numbers, right?

2) If the client doesn't have it cached, it will query the recursive DNS. If the LDNS doesn't have it locally cached, the LDNS will query DNS on the BIG-IP.

E.g.:

If you have IPv4 and IPv6 enabled on your machine and you are trying to access a site that has just an IPv4 address, you'll notice the following network activity (wireshark, tcpdump, etc.):

Scenario:

Local machine: IPv4 and IPv6 addresses are set

FQDN: www.mysite.com at X.X.X.X (IPv4 only)

http://www.mysite.com/page.html

http://www.mysite.com/image.png inside page.html

1) At the first query for www.mysite.com, your machine will ask for the AAAA record (IPv6) address resolution.

2) It will get NOERROR from the authority server and no IPv6 address to reach.

3) Still on the first query, it will try www.mysite.com for the A record (IPv4) address resolution.

4) The authority server for "mysite.com" will reply with an A record like this:

www.mysite.com 30 IN A X.X.X.X

5) So your machine will store this A record X.X.X.X for 30 s, and you will access the URL http://www.mysite.com/page.html

6) At the second request (during the 30-second TTL), your machine will ask for AAAA again.

7) Again no response for an IPv6 address.

8) Your machine will ask for the A record, and it is in the local cache.

9) Your machine will get this address locally and request the URL http://www.mysite.com/image.png

In this scenario, the machine will always try the IPv6 address first, but only once for IPv4 during the TTL (time to live) period.

I've drawn this simple query flow about a basic DNS query.

[Image: basic DNS query flow diagram]

I really hope it helps

Regards
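As an added illustration of the flow above (a toy model of my own, not code from this thread or from F5), a small Python stub resolver that caches only positive answers for their TTL, so the same FQDN is asked of the authority again only once the 30 s have expired, whatever the URI path is. Like the steps above it re-asks AAAA every time (a real resolver would negatively cache that empty answer per RFC 2308); the zone data is constructed and 192.0.2.10 stands in for X.X.X.X.

```python
from urllib.parse import urlsplit

# Constructed authoritative data (not from the thread): the zone holds only an
# A record for www.mysite.com with the 30 s TTL used above. 192.0.2.10 is a
# documentation address standing in for X.X.X.X.
ZONE = {("www.mysite.com", "A"): ("192.0.2.10", 30)}


class CachingResolver:
    """Toy stub resolver / LDNS that caches positive answers until the TTL expires."""

    def __init__(self, zone):
        self.zone = zone
        self.cache = {}          # (name, rrtype) -> (rdata, expires_at)
        self.auth_queries = 0    # how many times the authority (GTM) was actually asked

    def lookup(self, name, rrtype, now):
        """Return (rdata or None, "cache" | "authoritative") for one question."""
        hit = self.cache.get((name, rrtype))
        if hit is not None and now < hit[1]:
            return hit[0], "cache"
        # Cache miss or TTL expired: ask the authoritative server (steps 1-4 above).
        self.auth_queries += 1
        answer = self.zone.get((name, rrtype))
        if answer is None:
            # NOERROR with an empty answer; kept uncached to mirror the steps above
            # (a real resolver would negatively cache this per RFC 2308).
            return None, "authoritative"
        rdata, ttl = answer
        self.cache[(name, rrtype)] = (rdata, now + ttl)
        return rdata, "authoritative"

    def fetch(self, url, now):
        """Resolve the host of a URL as in the flow above: AAAA first, then A.
        Only the host name matters; the path (page.html, image.png, ...) never
        reaches DNS. Returns (address, where the A answer came from)."""
        host = urlsplit(url).hostname
        v6, _ = self.lookup(host, "AAAA", now)
        if v6 is not None:
            return v6, "ipv6"
        return self.lookup(host, "A", now)
```

Calling fetch() at t=0, t=10 and t=60 reproduces the thread's sequence: authority, cache hit, then authority again after the TTL lapses.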

sathish_2826
Nimbostratus

Thanks Cjunior for your response, it really helps.

Please help me confirm my understanding.

I hit www.mysite.com --> it goes from LDNS to GTM (SOA) --> I get a response back with the LTM VIP.

Now I connect to the VIP directly, and it gives me a page.

Now I am in the application; I go ahead and click a link within my application within 30 seconds (which is the GTM pool's TTL), www.mysite.com/report --> I understand it will again make a DNS query for the FQDN, but will pick the answer from cache as this is within the TTL value.

Let's say I stay inactive in the app for 60 seconds, then I try to click www.mysite.com/process --> it will do a DNS query again for the FQDN; it will look at LDNS, which no longer has the cached value as the TTL expired, so it will go to the SOA, the F5 GTM, for resolution, correct?

Conclusion: what I wanted to confirm is, even if I am navigating to different places within my app, every time it will query DNS for the FQDN.

Thank you very much.

Yes, as soon as the app requests an FQDN resource, it will ask for name resolution to get an Internet Protocol (IP) address, where this address could be taken from the hosts file, caches, or DNS recursive queries.

So before requesting an HTTP resource from a certain server name, it will request a DNS resolution to know where the server address for that service lies.

Regards.

sathish_2826
Nimbostratus

Thank you, one last question.

If my GTM pool TTL is 600 seconds, and I connect to my app, and GTM sends a response to DNS with an LTM VIP with a timestamp of 600 seconds, now if the resolved VIP goes down (status-wise) at any time during the 600-second window, will DNS know about that, or will it continue to direct me to the unavailable VIP?

Hi,

If your VS goes offline, the clients who got the previously available IP will fail until the TTL expires or the cache flushes.

You should consider setting lower values for TTL to have high availability for your application.

Regards

One last question. If I enable the wide IP persistence TTL of 3600 seconds (default), and I have one pool associated with it, which contains 2 LTM VIPs, and inside the pool I set the TTL to 30 seconds and select round robin,

Please help me understand this: so this means wide IP persistence ensures I get the same pool member for 3600 seconds for DNS queries, and the pool TTL ensures that even though I persist to the same IP for 3600 seconds, the client must do a fresh DNS query every 30 seconds, so that if the member I was persisted to went down, the overall GTM persistence gets rewritten with the new member.

Can you confirm this please?

Hi,

When query responses are persisted, the LDNS/client (an IP range) will get the same resolved IP during this persistence validity.

When you enable persistence on the wide IP and keep "Verify Member Availability" checked on the pool, if the persisted member goes unavailable during the persistence TTL, BIG-IP should reselect a new member.

So, a DNS record TTL is for caching responses on the client, and TTL persistence is a BIG-IP DNS feature to keep clients routed to the destination address they first got.

For more:

https://support.f5.com/csp/article/K15594

Regards.
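To tie the two TTLs together, here is an added toy model (my own, not F5's code and not from this thread) of a wide IP with one round-robin pool: the pool's record TTL is what every answer carries, persistence is keyed per LDNS address for persist_ttl seconds, and a persisted member that goes down is reselected only when Verify Member Availability is on. Member VIPs and LDNS addresses are constructed RFC 5737 documentation addresses; what the model does with the option off is an assumption, not something the reply states.

```python
class WideIp:
    """Toy model of a BIG-IP DNS wide IP with one round-robin pool, a pool
    record TTL, wide IP persistence, and Verify Member Availability."""

    def __init__(self, members, record_ttl=30, persist_ttl=3600, verify_member=True):
        self.members = list(members)                 # pool member VIPs (constructed)
        self.available = {m: True for m in members}  # health status per member
        self.record_ttl = record_ttl                 # TTL carried by the DNS answer
        self.persist_ttl = persist_ttl               # how long an LDNS sticks to a member
        self.verify_member = verify_member           # "Verify Member Availability"
        self.persist = {}                            # LDNS IP -> (member, expires_at)
        self._rr = 0                                 # round-robin cursor

    def set_status(self, member, up):
        self.available[member] = up

    def _round_robin(self):
        up = [m for m in self.members if self.available[m]]
        if not up:
            return None
        choice = up[self._rr % len(up)]
        self._rr += 1
        return choice

    def resolve(self, ldns_ip, now):
        """Answer a query from ldns_ip at time `now`: returns (member, record_ttl)."""
        entry = self.persist.get(ldns_ip)
        if entry is not None and now < entry[1]:
            member = entry[0]
            # Persistence is honoured while the member is up. With Verify Member
            # Availability on, a down member is reselected and the persistence
            # entry rewritten; with it off, this model (an assumption) keeps
            # handing out the persisted, now-unavailable member.
            if self.available[member] or not self.verify_member:
                return member, self.record_ttl
        member = self._round_robin()
        if member is not None:
            self.persist[ldns_ip] = (member, now + self.persist_ttl)
        return member, self.record_ttl
```

Note that the TTL in the answer stays 30 in every case: the client's cache lifetime and the BIG-IP persistence lifetime are independent knobs.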