I want to be able to specify which forwarder is used to fully resolve the ip with no referrals.
ie
awssftp.xyz.com internally goes to a cname awsftp.int.xyz.com which via wide ip will give a appropriate 10.x.x.x
awssftp.xyz.com externally goes to a cname awsftp.ext.xyz.com which maps to multiple aws dns entrys resolved via google dns (8.8.8.8) is 3.x.x.x
Like is there a way if I create two dns listeners say x.x.x.1 and x.x.x.2 the forwarder for .1 if needed goes to 10.x.x.10 or if .2 if needed is 8.8.8.8
So I assume zones int.xyz.com and ext.xyz.com are delegated to F5 DNS (GTM) and F5 DNS is authoritative for them. Main primary zone xyz.com is owned by primary DNS (LDNS) server (may be Inflobox, Bluecat or MS server). Please correct if this understanding is wrong.
There could be many other smart ways to split this, but one of the way I think is
If ext.xyz.com is authoritative with your F5 DNS (GTM), you can just go that zone and create new NS record forawsftp.ext.xyz.com and point to appropriate NS server. GTM will forward queries for this to that NS server.
Or if all records inside ext.xyz.comneeds to be forwarded to external NS server, you can delegate the entire zone via GTM.
If your F5 is not authoritative for zone ext.xyz.com (or doesn't need to be) , you can simply delegate that zone to it's NS servers from your main DNS server itself who is owningxyz.com
