Forum Discussion

Ravager's avatar
Ravager
Icon for Altostratus rankAltostratus
Aug 12, 2021

Split brain forwarder query

Given a split brain zone xyz.com.

 

I want to be able to specify which forwarder is used to fully resolve the ip with no referrals.

 

ie

awssftp.xyz.com internally goes to a cname awsftp.int.xyz.com which via wide ip will give a appropriate 10.x.x.x

awssftp.xyz.com externally goes to a cname awsftp.ext.xyz.com which maps to multiple aws dns entrys resolved via google dns (8.8.8.8) is 3.x.x.x

 

Like is there a way if I create two dns listeners say x.x.x.1 and x.x.x.2 the forwarder for .1 if needed goes to 10.x.x.10 or if .2 if needed is 8.8.8.8

 

application delivery
BIG-IP DNS

1 Reply

Sort By
  • SanjayP's avatar
    SanjayP
    Icon for Nacreous rankNacreous
    Aug 13, 2021

    So I assume zones int.xyz.com and ext.xyz.com are delegated to F5 DNS (GTM) and F5 DNS is authoritative for them. Main primary zone xyz.com is owned by primary DNS (LDNS) server (may be Inflobox, Bluecat or MS server). Please correct if this understanding is wrong.

     

    There could be many other smart ways to split this, but one of the way I think is

     

    • If ext.xyz.com is authoritative with your F5 DNS (GTM), you can just go that zone and create new NS record for awsftp.ext.xyz.com and point to appropriate NS server. GTM will forward queries for this to that NS server.
    • Or if all records inside ext.xyz.com needs to be forwarded to external NS server, you can delegate the entire zone via GTM.
    • If your F5 is not authoritative for zone ext.xyz.com (or doesn't need to be) , you can simply delegate that zone to it's NS servers from your main DNS server itself who is owning xyz.com