Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

F5 GTM resolution issue

Go to solution
Amr_Ali
Cirrostratus
Cirrostratus

‎31-Aug-2023 03:33

I have an issue with F5 GTM resolution, after using nslookup to check if I can resolve the name of the website, that I created as an A record using wildeIP on GTM, I see that I can receive the correct IP for my website but after i try to access the website through HTTPS it not opened,

 

Amr_Ali_0-1693477930452.png

 

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
vaibhav
Cirrus
Cirrus

‎05-Sep-2023 04:07

Can you share how the zones are configured and how you have setup the WIPs and zone records.Are you delegating the TLD or is it just subzone. 

can you draw the query architecure you have , so technically your TLD should hosted on your DNS externally as the registrar will send traffic on external provider and then the subzone should be aliased to the GTM. Once the subzone is deligated the WIP should be configured under the subzone on your GTM. Can you confirm that you are aligned with same design.
Did you queried the same subzone record that is present in your GTM. For example if your URL is xyz.abc.com it might be aliased to xyz.abc.com.gtm.abc.com ---> as you have ns records 

I do not see the packetcapture query response but i believe you have tried to create a zone replica of the external DNS which might not be sending the query correctly.

 

 

View solution in original post

0 Kudos
7 REPLIES 7

Go to solution
vaibhav
Cirrus
Cirrus

‎31-Aug-2023 05:36

few things to conside : 

1. is the endpoint which is resolved is an F5 LTM or a generic host ?

2. what is the status of the endpoint when you try to access the application directly not via GTM ? 

3. Note that GTM is just DNS and it has no relation with actual data traffic if the wideip is healthy it will return the IP address . you can check on the endpoint directly.

 

0 Kudos

Go to solution
Amr_Ali
Cirrostratus
Cirrostratus
In response to vaibhav

‎31-Aug-2023 05:47

1. is the endpoint which is resolved is an F5 LTM or a generic host? LTM, F5 System

2. what is the status of the endpoint when you try to access the application directly not via GTM ?  working , 

0 Kudos

Go to solution
Mohamed_Ahmed_Kansoh
MVP
MVP

‎31-Aug-2023 06:17

Hi @Amr_Ali , 
I am wondering how do you get the correct IP address for this website , and it shows in Pcap that an error as you should receive NX Domain , not the correct answer. 

Do you enable BIND in the DNS profile ? 
I mean make sure that bigip DNS system replies using wide ip configs

try to clear Local DNS or your windows cache. 

_______________________
Regards
Mohamed Kansoh
0 Kudos

Go to solution
Amine_Kadimi
MVP
MVP

‎31-Aug-2023 16:56

if you configured F5 to be your authoritative server, make sure you configure the zone correctly including nameserver and soa records. You may then need to recreate your wide IPs

F5 is defaulting to "this.name.is.invalid" as you can see in your capture. 

0 Kudos

Go to solution
Amr_Ali
Cirrostratus
Cirrostratus
In response to Amine_Kadimi

‎03-Sep-2023 04:16

hello amine,

I still have not changed the NS record on our Public DNS provider to be our GTM, I tried to test if the configuration was correct before I made this step by adding the listener of GTM manually on My PC and testing to resolve the URL. The query was sent to GTM and I got an answer with the correct IP but after I tried to reach the web over HTTPS it did not open,

and for NS I ask if it must change the default value ( this.name.is.invalid ) ????!!!

0 Kudos

Go to solution
vaibhav
Cirrus
Cirrus

‎05-Sep-2023 04:07

Can you share how the zones are configured and how you have setup the WIPs and zone records.Are you delegating the TLD or is it just subzone. 

can you draw the query architecure you have , so technically your TLD should hosted on your DNS externally as the registrar will send traffic on external provider and then the subzone should be aliased to the GTM. Once the subzone is deligated the WIP should be configured under the subzone on your GTM. Can you confirm that you are aligned with same design.
Did you queried the same subzone record that is present in your GTM. For example if your URL is xyz.abc.com it might be aliased to xyz.abc.com.gtm.abc.com ---> as you have ns records 

I do not see the packetcapture query response but i believe you have tried to create a zone replica of the external DNS which might not be sending the query correctly.

 

 

0 Kudos

Go to solution
Amr_Ali
Cirrostratus
Cirrostratus
In response to vaibhav

‎05-Sep-2023 06:25

thanks, Vaibhav, The issue is solved, it was misconfiguration in wideIP , 

 

appreciate your support 

0 Kudos
Copyright © 2023 Khoros, LLC